General
-
Target
1abdca7c3040321b7913bb51637e75a8_JaffaCakes118
-
Size
630KB
-
Sample
240701-k932rawhpj
-
MD5
1abdca7c3040321b7913bb51637e75a8
-
SHA1
b82e2b732b96ead4cf2d91bf95cb945ad3459c1b
-
SHA256
f312aafcc806222a88b55dafef8c30614a93e54498968cd4692c27fe41f8c152
-
SHA512
a0e0439e63650f15edf0752a1cce8e2aea4add50770b1439cdd3b9651dde75128ceccd29995d3ce1cd5e93edae7299445b1187078ddd590237092902a38b1565
-
SSDEEP
12288:59ZDtIWo+WI4JHC5hkcyaRDHAb7tasgVonWgemnId3Nipj:59xKWo+P4JHC5ecvRDHA/tasConWIIds
Malware Config
Targets
-
-
Target
1abdca7c3040321b7913bb51637e75a8_JaffaCakes118
-
Size
630KB
-
MD5
1abdca7c3040321b7913bb51637e75a8
-
SHA1
b82e2b732b96ead4cf2d91bf95cb945ad3459c1b
-
SHA256
f312aafcc806222a88b55dafef8c30614a93e54498968cd4692c27fe41f8c152
-
SHA512
a0e0439e63650f15edf0752a1cce8e2aea4add50770b1439cdd3b9651dde75128ceccd29995d3ce1cd5e93edae7299445b1187078ddd590237092902a38b1565
-
SSDEEP
12288:59ZDtIWo+WI4JHC5hkcyaRDHAb7tasgVonWgemnId3Nipj:59xKWo+P4JHC5ecvRDHA/tasConWIIds
Score7/10-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-