General

  • Target

    edb53e50a74e60db840bb9f2c4534f63_JaffaCakes118

  • Size

    615KB

  • Sample

    240411-sgvtnshb6x

  • MD5

    edb53e50a74e60db840bb9f2c4534f63

  • SHA1

    ced3bd659ff4b827ef0cacefa131ef8228b26bbe

  • SHA256

    9475a151d99e56023c9af9b5718b63d2b59c9d85b42c7fe0f617429f89ea0263

  • SHA512

    42f79829aedc39f0010e8eab64026799e1737fd0b02e8880e9d51cc38c65cdd7e89406f7c002b4f52b87e88f99c6a326bb8583c4690f4bebbba723bb0d406bbd

  • SSDEEP

    12288:7g6A048DwLssKoycuFQa029REL+wGEg5sLCy2h5VFC5/78J7sVfO:7g6AIwxOFV10Lt9WlFVe/7m7YfO

Score
7/10

Malware Config

Targets

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks