General

  • Target

    ed42388ec7dba419dd775c1c8e57e4ba_JaffaCakes118

  • Size

    3.0MB

  • Sample

    240411-m2bcwaaa54

  • MD5

    ed42388ec7dba419dd775c1c8e57e4ba

  • SHA1

    63457773a5e3a7b80eaf8073861f8d12bd67a074

  • SHA256

    d2c781b32d2d0f66320ef25b997fb0ccce3430cad733dbf504e7d5b67304e926

  • SHA512

    7bb452c2da7f3d87001af84a8aa75b5a964623e618f3b5db6bd47a5d6767680760e65ce87a185c5d269663c586652a4e0f02e722cb18c0314d59787d68675960

  • SSDEEP

    49152:BhEqRRQMzZwsRyvVVRTrX+/dIOCfgJSBOWJ4U4H4N3cx4neuBiUar9hVCifnBl6p:BhDRQM+VRvumOCfkSBOLU64RcCnn+VCD

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks