General
-
Target
1be3ba0abd9b712910e3f3fe8b12395f_JaffaCakes118
-
Size
2.7MB
-
Sample
240701-v4mspathrq
-
MD5
1be3ba0abd9b712910e3f3fe8b12395f
-
SHA1
9217367b66ceb210579cc2f16d17a4609e84e31e
-
SHA256
6246b78d3aeb858ea75b0157a95f19d5d8239954a5765bcfef8045cf7e7d1787
-
SHA512
4d7232989f3c2adbc04be8b23b70ad1178e7e2c069e1a2c5fde12d0756df82b4feafde63c8e5afbd70663788c24cd1da2315215770bfef8ffcba845a0810a828
-
SSDEEP
49152:tVhzpmK7ph0csIVbJvZh0R2zpmTlsA6oCSQ92hlgGk8hZOIHzeo1pRTMzpIioWPU:zhVmgph8IV9vZxlmR6ld8Vk4Tvp+zORL
Malware Config
Targets
-
-
Target
1be3ba0abd9b712910e3f3fe8b12395f_JaffaCakes118
-
Size
2.7MB
-
MD5
1be3ba0abd9b712910e3f3fe8b12395f
-
SHA1
9217367b66ceb210579cc2f16d17a4609e84e31e
-
SHA256
6246b78d3aeb858ea75b0157a95f19d5d8239954a5765bcfef8045cf7e7d1787
-
SHA512
4d7232989f3c2adbc04be8b23b70ad1178e7e2c069e1a2c5fde12d0756df82b4feafde63c8e5afbd70663788c24cd1da2315215770bfef8ffcba845a0810a828
-
SSDEEP
49152:tVhzpmK7ph0csIVbJvZh0R2zpmTlsA6oCSQ92hlgGk8hZOIHzeo1pRTMzpIioWPU:zhVmgph8IV9vZxlmR6ld8Vk4Tvp+zORL
Score7/10-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-