Overview

overview

10

Static

static

1

bf55d207f8...18.exe

windows7-x64

10

bf55d207f8...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bf55d207f8fc30d80748ce6859a57448_JaffaCakes118

  • Size

    6.3MB

  • Sample

    240824-y5wzjaxemf

  • MD5

    bf55d207f8fc30d80748ce6859a57448

  • SHA1

    c6a3aaa136ad02a09f78e88e9cd96c03e6a51e48

  • SHA256

    0e44ac21fecfc084cf3477b567da07bf5700ee28b2a271288e27e2c55354a802

  • SHA512

    e4adc13bc96ceeaa722884b54ba9cb8c2a5db6ccef6a7003aef5126fa35272b1c30b96118461acc01c6933bf01b4c9b80b87811801db2a76a9fc32fb5309605d

  • SSDEEP

    98304:AHl1U+mGmmmmTojVdcx1xcPenAfPSc4MUKL/5tHwE8yYHc0VW53rIst6LiPHGIK:FjVaC26xbFtHP8RWqWLK

Score
10/10
banloaddiscoverydownloaderdropperevasiontrojan

Malware Config

Targets

    • Target

      bf55d207f8fc30d80748ce6859a57448_JaffaCakes118

    • Size

      6.3MB

    • MD5

      bf55d207f8fc30d80748ce6859a57448

    • SHA1

      c6a3aaa136ad02a09f78e88e9cd96c03e6a51e48

    • SHA256

      0e44ac21fecfc084cf3477b567da07bf5700ee28b2a271288e27e2c55354a802

    • SHA512

      e4adc13bc96ceeaa722884b54ba9cb8c2a5db6ccef6a7003aef5126fa35272b1c30b96118461acc01c6933bf01b4c9b80b87811801db2a76a9fc32fb5309605d

    • SSDEEP

      98304:AHl1U+mGmmmmTojVdcx1xcPenAfPSc4MUKL/5tHwE8yYHc0VW53rIst6LiPHGIK:FjVaC26xbFtHP8RWqWLK

    Score
    10/10
    banloaddiscoverydownloaderdropperevasiontrojan

    • Banload

      Banload variants download malicious files, then install and execute the files.

      trojandropperdownloaderbanload

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks