General

  • Target

    18c7e5fbfb5b0bdd09279e3bd8bd17f0_JaffaCakes118

  • Size

    1.7MB

  • Sample

    240628-e4zt9a1enb

  • MD5

    18c7e5fbfb5b0bdd09279e3bd8bd17f0

  • SHA1

    15b80b8a4b263f8a4b902dc1f6af01b923032e0e

  • SHA256

    2cd91ceff31309f8dbdef3e2ef66cd20a6df6d910f9a4c98b3d7a9e67aada436

  • SHA512

    29efa3df1eb2046e8662e29ef409cb6e7b6e7e3590aa9e9ee2d844e7faad3dd7302bd0c1627d4512faffccf53b446c3e82eb49b15ee14cc0a46fff8fdda1aaa6

  • SSDEEP

    49152:W3T+vr7klhTd2UJA0MfsPGrBnY0Llmh71Is9M:8yv/klR2fsPG1nDl271G

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Checks whether UAC is enabled

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks