General

  • Target

    db7fee7e2f6a553c9a437b348a81164c_JaffaCakes118

  • Size

    525KB

  • Sample

    240912-avvrqa1hkj

  • MD5

    db7fee7e2f6a553c9a437b348a81164c

  • SHA1

    3cda468abbbd995b33bdfd300f89eb2e096e3e57

  • SHA256

    1489cd7a853db05518e339503841a7c1c8880de5817298a8e453102f5c7fa503

  • SHA512

    229beec76a0f4adea5a631edec2606b63473f969ece40fb7aa2c2fcdce6182dcca15a589360141d74f6e1c1ddd944170149d215e111eb3861975618853347fdc

  • SSDEEP

    12288:YDX+uX9ZO5v6DdDlf/1lwe8XZD25C3cila/UeyOYKw4c:YDX+ubS67f8Zdx2UeyhKw7

Score
9/10

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15

Tasks