General
-
Target
1d07cb640be6604e34f244efd2e60ab0_JaffaCakes118
-
Size
546KB
-
Sample
240702-abpfla1hrp
-
MD5
1d07cb640be6604e34f244efd2e60ab0
-
SHA1
8764429c0bdeba106dab79b9c4063ea6b9792026
-
SHA256
d2eb077e381bed0b5e24af52dfebf2c8e54d2e5f9ca9638c5e8b682c4501db11
-
SHA512
8675dc819d81b968a09c343880b99cb021238de3c5f0f14c6328a01d81588b1e05c13ab334a241660a4b8ac948b361a1a72feb3c2332266fd087bceab71a465a
-
SSDEEP
12288:9qgXc6HfBzXt1C3fgEziRrmNwA7ceOzP4qMpEkok3eSzBdP6cRWEJr:r/Zd1C3pz6VAb1q5rqBscsEJr
Malware Config
Targets
-
-
Target
1d07cb640be6604e34f244efd2e60ab0_JaffaCakes118
-
Size
546KB
-
MD5
1d07cb640be6604e34f244efd2e60ab0
-
SHA1
8764429c0bdeba106dab79b9c4063ea6b9792026
-
SHA256
d2eb077e381bed0b5e24af52dfebf2c8e54d2e5f9ca9638c5e8b682c4501db11
-
SHA512
8675dc819d81b968a09c343880b99cb021238de3c5f0f14c6328a01d81588b1e05c13ab334a241660a4b8ac948b361a1a72feb3c2332266fd087bceab71a465a
-
SSDEEP
12288:9qgXc6HfBzXt1C3fgEziRrmNwA7ceOzP4qMpEkok3eSzBdP6cRWEJr:r/Zd1C3pz6VAb1q5rqBscsEJr
Score7/10-
Executes dropped EXE
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Loads dropped DLL
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Drops file in System32 directory
-