General

  • Target

    ecf44cb520b562581c210b53f0757e17_JaffaCakes118

  • Size

    4.7MB

  • Sample

    240411-jzl5taad8x

  • MD5

    ecf44cb520b562581c210b53f0757e17

  • SHA1

    d159ddd7a1368fd3e4cd9b115eb37cadac553f4d

  • SHA256

    bd7384f28161fd41ee7656527ba1c52e7d40753490609af88c356ab75b0f552a

  • SHA512

    b8c7cc31aecd5bca3549aa4e144e45af663d6947c2f5fce3a7c96bae1072c8baa6670d4156f2ff746dee051114dd4706e59ff2ee22509506b400c9c5df8b0697

  • SSDEEP

    98304:NoTtGsaS0VNkIZnRaLGcNa1877Ry0z7IGKhs0tu464MSo:dSMkI5RGGcg5S0V64M

Score
7/10

Targets

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, and it is also used as a sandboxing environment. Probing for Wine-specific registry keys is an environment check: a hit tells the sample it is running under an emulation or analysis layer rather than on a real Windows host, which is a common trigger for evasive behaviour.

    • Themida packer

      Detects Themida, an advanced Windows software protection system. A Themida-protected binary is packed and its code partly virtualised, so static analysis of the file on disk yields little and unpacking or dynamic analysis is needed. Themida also ships its own anti-debugging and virtual-machine checks, which is consistent with the two other signatures on this sample.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      NtSetInformationThread called with the ThreadHideFromDebugger information class (0x11) detaches the calling thread from any attached debugger: the kernel stops delivering debug events for that thread, so breakpoints and exceptions in it are never reported to the debugger. Outside anti-tampering code it rarely has a purpose and is a well-known anti-debugging technique.
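The three signatures above are the kind of behavioural indicators a sandbox derives from an API-call trace and from the PE headers. The script below is an example added here, not the sandbox's own rule code: it runs all three checks over a constructed trace and a constructed list of section names. The trace line format, the exact registry paths probed and the `.themida` section name are assumptions for the example; the facts it relies on are that Wine keeps its configuration under HKCU\Software\Wine and that ThreadHideFromDebugger is THREADINFOCLASS value 17 (0x11).

```python
from __future__ import annotations

import re

# Constructed API trace (not from the report). The line format
# "<pid>:<tid> <api>(<args>) -> <ret>" is an assumption for this example.
# Non-raw string: "\\" yields a single backslash in the registry paths.
SAMPLE_TRACE = """\
1234:1 RegOpenKeyExW(HKEY_CURRENT_USER, "Software\\Wine", 0, KEY_READ) -> 2
1234:1 RegOpenKeyExW(HKEY_LOCAL_MACHINE, "Software\\Wine\\Wine\\Config", 0, KEY_READ) -> 2
1234:1 NtSetInformationThread(0xFFFFFFFE, 0x11, NULL, 0) -> 0
1234:2 NtQueryInformationProcess(0xFFFFFFFF, 0x7, ...) -> 0
1234:1 CreateFileW("C:\\Users\\user\\Desktop\\payload.exe", GENERIC_READ) -> 0x1c8
"""

# Constructed PE section names for the same sample (assumption: a section
# literally named ".themida" is a common marker of Themida-protected files).
SAMPLE_SECTIONS = [".text", ".rdata", ".data", ".themida", ".rsrc"]

# THREADINFOCLASS ThreadHideFromDebugger = 17 (0x11).
THREAD_HIDE_FROM_DEBUGGER = 0x11

# Registry API call with a hive constant and a quoted subkey as the first two args.
REG_RE = re.compile(r'Reg(?:Open|Query|Create)Key(?:Ex)?[AW]?\(\s*([A-Z_]+),\s*"([^"]*)"')
# NtSetInformationThread(<handle>, <ThreadInformationClass>, ...)
HIDE_RE = re.compile(r"NtSetInformationThread\(\s*([^,]+),\s*(0x[0-9A-Fa-f]+|\d+)")


def check_wine_registry(trace: str) -> list[str]:
    """Return hive\\subkey strings for registry lookups that touch a Wine key."""
    hits = []
    for m in REG_RE.finditer(trace):
        hive, path = m.group(1), m.group(2)
        # "Wine" as a whole path component, e.g. Software\Wine or Software\Wine\...
        if re.search(r"(^|\\)Wine(\\|$)", path, re.IGNORECASE):
            hits.append(f"{hive}\\{path}")
    return hits


def check_hide_from_debugger(trace: str) -> list[str]:
    """Return the NtSetInformationThread calls whose class is ThreadHideFromDebugger."""
    hits = []
    for m in HIDE_RE.finditer(trace):
        info_class = int(m.group(2), 0)  # base 0: accepts 0x11 and 17
        if info_class == THREAD_HIDE_FROM_DEBUGGER:
            hits.append(m.group(0))
    return hits


def check_themida_sections(sections: list[str]) -> list[str]:
    """Return section names carrying the assumed Themida marker."""
    return [s for s in sections if s.lower().startswith(".themida")]


def triage(trace: str, sections: list[str]) -> dict[str, list[str]]:
    """Map each triggered signature name to the evidence that triggered it."""
    findings: dict[str, list[str]] = {}
    wine = check_wine_registry(trace)
    if wine:
        findings["Identifies Wine through registry keys"] = wine
    themida = check_themida_sections(sections)
    if themida:
        findings["Themida packer"] = themida
    hidden = check_hide_from_debugger(trace)
    if hidden:
        findings["Suspicious use of NtSetInformationThreadHideFromDebugger"] = hidden
    return findings


if __name__ == "__main__":
    for name, evidence in triage(SAMPLE_TRACE, SAMPLE_SECTIONS).items():
        print(name)
        for item in evidence:
            print("   ", item)
```

The registry check matches "Wine" only as a whole path component so that unrelated keys containing the substring do not fire, and the thread check decodes the information class numerically so a trace that logs `17` instead of `0x11` is still caught.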

MITRE ATT&CK Enterprise v15