f432024bc6e9d6d4a7155ae88a97d2eef61110a101fd1baaa963ae525ff20188 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

1cfe09ae75...18.exe

windows7-x64

7

1cfe09ae75...18.exe

windows10-2004-x64

7

Sharing

General

Target

1cfe09ae75431ca584900bfccde15756_JaffaCakes118
Size

648KB
Sample

240701-3vj97sxfma
MD5

1cfe09ae75431ca584900bfccde15756
SHA1

e02920e49d2e37b78ee680e384e912b39001e336
SHA256

f432024bc6e9d6d4a7155ae88a97d2eef61110a101fd1baaa963ae525ff20188
SHA512

e7f56bc2effdc0767283c520e0123bc25e72c1742f28d9765c5590c49f46b249605137140fe87530c4b6745be15737cd7f60f0c4ab9e9a84afaa5bd0c89d1ad8
SSDEEP

12288:5QdMgJ6qqUee8qEiCQgynYlWrAFAaFZruDQ8nhxJaer/u7Bp2:5QdMFpUl89in/noWrAZZLMHJ3T0X2

Score

7^/10

evasion themida

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

1cfe09ae75431ca584900bfccde15756_JaffaCakes118.exe

Resource

win7-20240611-en

evasion themida

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

1cfe09ae75431ca584900bfccde15756_JaffaCakes118.exe

Resource

win10v2004-20240226-en

evasion themida

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  1cfe09ae75431ca584900bfccde15756_JaffaCakes118
- Size
  
  648KB
- MD5
  
  1cfe09ae75431ca584900bfccde15756
- SHA1
  
  e02920e49d2e37b78ee680e384e912b39001e336
- SHA256
  
  f432024bc6e9d6d4a7155ae88a97d2eef61110a101fd1baaa963ae525ff20188
- SHA512
  
  e7f56bc2effdc0767283c520e0123bc25e72c1742f28d9765c5590c49f46b249605137140fe87530c4b6745be15737cd7f60f0c4ab9e9a84afaa5bd0c89d1ad8
- SSDEEP
  
  12288:5QdMgJ6qqUee8qEiCQgynYlWrAFAaFZruDQ8nhxJaer/u7Bp2:5QdMFpUl89in/noWrAZZLMHJ3T0X2
Score

7^/10

evasion themida
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy