General
Target: edb53e50a74e60db840bb9f2c4534f63_JaffaCakes118
Size: 615KB
Sample: 240411-sgvtnshb6x
MD5: edb53e50a74e60db840bb9f2c4534f63
SHA1: ced3bd659ff4b827ef0cacefa131ef8228b26bbe
SHA256: 9475a151d99e56023c9af9b5718b63d2b59c9d85b42c7fe0f617429f89ea0263
SHA512: 42f79829aedc39f0010e8eab64026799e1737fd0b02e8880e9d51cc38c65cdd7e89406f7c002b4f52b87e88f99c6a326bb8583c4690f4bebbba723bb0d406bbd
SSDEEP: 12288:7g6A048DwLssKoycuFQa029REL+wGEg5sLCy2h5VFC5/78J7sVfO:7g6AIwxOFV10Lt9WlFVe/7m7YfO
Behavioral task: behavioral1
Sample: edb53e50a74e60db840bb9f2c4534f63_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Targets
-
-
Target
edb53e50a74e60db840bb9f2c4534f63_JaffaCakes118
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-