General
Target: 1a93876732f3c40149574dfeb642fe90_JaffaCakes118
Size: 782KB
Sample: 240701-j8er4avaqj
MD5: 1a93876732f3c40149574dfeb642fe90
SHA1: 246af7100692a121f746e6e4954725fe89c85228
SHA256: da36971620575c88d4c41f97dcf34ff5b4219cbfada6ede615cdb9b991072d65
SHA512: 87369f8904c904863a433631cdc378c633829dc17148004323b4483d43c26ebe44853d7c2ceb27aa84b1f054841edbab5552e10abe1067027013cf130fdad2ce
SSDEEP: 24576:HgvME5R6q/LhzITfFbNX2/zeN/oT0cPm5:AvMZq/STfFBXCYoTBP
Behavioral task: behavioral1
Sample: 1a93876732f3c40149574dfeb642fe90_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Targets
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-