General
Target: ef4bfee5c7fd0147253acf0afe641d62_JaffaCakes118
Size: 592KB
Sample: 240412-gywxhsbd6z
MD5: ef4bfee5c7fd0147253acf0afe641d62
SHA1: e83d35fb96f5df0ec1a226bea13d4a3201629d89
SHA256: 32d461e69b3ecac887827372d44e2b74e45dda6f55baf55e146d8c50278e1a1f
SHA512: aff9059060d14280bbad769b9ee1ebcdcd69efa9742d154f9025680518d55f08e29335fdd0a001c7e3ab840ebaac647b10ca7d28fb5eaa776952103b6f8bd6cd
SSDEEP: 12288:xz9e5jcHx3AAwDv7Y3S5ZCOScs/k9dvQVtey8xsXTPvjUD:xz9wjC3AA3Ak/k9qVLnDXjUD
Behavioral task: behavioral1
Sample: ef4bfee5c7fd0147253acf0afe641d62_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Targets
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Suspicious use of NtSetInformationThreadHideFromDebugger