General
-
Target
ecf44cb520b562581c210b53f0757e17_JaffaCakes118
-
Size
4.7MB
-
Sample
240411-jzl5taad8x
-
MD5
ecf44cb520b562581c210b53f0757e17
-
SHA1
d159ddd7a1368fd3e4cd9b115eb37cadac553f4d
-
SHA256
bd7384f28161fd41ee7656527ba1c52e7d40753490609af88c356ab75b0f552a
-
SHA512
b8c7cc31aecd5bca3549aa4e144e45af663d6947c2f5fce3a7c96bae1072c8baa6670d4156f2ff746dee051114dd4706e59ff2ee22509506b400c9c5df8b0697
-
SSDEEP
98304:NoTtGsaS0VNkIZnRaLGcNa1877Ry0z7IGKhs0tu464MSo:dSMkI5RGGcg5S0V64M
Behavioral task
behavioral1
Sample
ecf44cb520b562581c210b53f0757e17_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Targets
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-