General
Target: 1e4772da921c3e14e53203e91e8faaae_JaffaCakes118
Size: 612KB
Sample: 240702-g1x8cszdnc
MD5: 1e4772da921c3e14e53203e91e8faaae
SHA1: 7af06ba77c7bc5c1d9065379b73bd859b9badae9
SHA256: f22918a21817acf20d5450586f54caf11de888eb967676a82940a34a9fadaa3a
SHA512: f4502f0ff7b436626e14b351ea471c2c739665bef0322be2bb2b66253ae9a31818a02dda40a9777e0442b7ddb298a8d85fa0816ab6cd9720cd9cf4a6df773435
SSDEEP: 12288:vZgKOZ8ZmG8+nMRaLlCOS1UxgmTCfblyofjemfu5fl7Fs0hcCmBQdX+yMKyE2M:RfOZ8ZmtWRCOZtTCDL6aoRhcCmufh
Behavioral task: behavioral1
Sample: 1e4772da921c3e14e53203e91e8faaae_JaffaCakes118.exe
Resource: win7-20240508-en
Malware Config
Targets
Target: 1e4772da921c3e14e53203e91e8faaae_JaffaCakes118
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Suspicious use of NtSetInformationThreadHideFromDebugger