General

  • Target

    ee7493ae0113410b3dcffda1d9adaff9_JaffaCakes118

  • Size

    3.0MB

  • Sample

    240411-13x5xsaa5w

  • MD5

    ee7493ae0113410b3dcffda1d9adaff9

  • SHA1

    c8a639be5cdf944f418239035fd8edfa35de51cf

  • SHA256

    4776f303bac05038a9c2a8496234883e6970f374138ce9b882b1ca2d638d701f

  • SHA512

    fab10394055f2625769816c591381404fd6c78ca82c2f7f84d038873399ca6aa71a5a563894330626f175cc61d71188e5242cfd3086f8cc5f3c542dc294a5782

  • SSDEEP

    49152:/Afj1AMWwyvsX4Xdk6p4JUSu1Jmcm21hjmDfaT/dQYTDtr9gQwKxRPKP3vs9RI+k:YfJW6IXW6iJUrwfaT/dtTRrPKPfs9RId

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks