General
-
Target
ecdef2f594e08de3e8bf538025215c55_JaffaCakes118
-
Size
1.4MB
-
Sample
240411-h5eggshe9x
-
MD5
ecdef2f594e08de3e8bf538025215c55
-
SHA1
643dc714c2d8b61baffd17a00931db238790dfef
-
SHA256
3baa56b9d89ce2338dfb89732b1fda8158c8a3b9a539b182dcc9bb7a2b5b02d4
-
SHA512
83d0c6c1084ef5d02b3c4f09984496e70a7eb5d335535b31607edb2b0b05d96dd91a670c23bf623eb5cf18252b384c78177cefbc8fde63c69a0ba450b37cacdb
-
SSDEEP
24576:5yioZs8SOZMJzX6dRVrtTC1zJr0dHXsaajR5ZfBShwsYVjDhBMKyUF:V2sHOZMlXcVJkr0tsaajHZfND3MYF
Behavioral task
behavioral1
Sample
ecdef2f594e08de3e8bf538025215c55_JaffaCakes118.exe
Resource
win7-20240220-en
Malware Config
Targets
-
-
Target
ecdef2f594e08de3e8bf538025215c55_JaffaCakes118
-
Score
8/10
-
Modifies Installed Components in the registry
-
Deletes itself
-
Executes dropped EXE
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-