Analysis
max time kernel
93s
max time network
113s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags
arch:x64, arch:x86, image:win10v2004-20240412-en, locale:en-us, os:windows10-2004-x64, system
submitted
16-04-2024 04:18
Behavioral task
behavioral1
Sample
f2ad0e284b8f76c0c1eb239017466836_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
f2ad0e284b8f76c0c1eb239017466836_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
Target
f2ad0e284b8f76c0c1eb239017466836_JaffaCakes118.exe
Size
743KB
MD5
f2ad0e284b8f76c0c1eb239017466836
SHA1
f20522b3c5790420e108240c76998d05a32773e5
SHA256
cf7395ed7710817d358321e6fd7a0a18984ad52552e816807168990200b5a1ab
SHA512
6b8c8e1ce8d1897bbdbc6894b9cc81e699aa32b38a36d87b2d2514eb361e4ff4f1c23461c80e07434ff635221766c8909cbf04ac96007bff336e3e3da9f91d76
SSDEEP
12288:M7CkTL36WOSXGRg1lv9Ttr4kqFO+JzbuUUkg/TqWwnuOdEiMPHtECjGeJxS+IP1K:LkTL3WSpb9akqtZuUUk0TqWwnjJMPHSY
Malware Config
Signatures
Identifies Wine through registry keys 2 TTPs 1 IoCs
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
Processes:
f2ad0e284b8f76c0c1eb239017466836_JaffaCakes118.exe
description
Key opened
ioc
\REGISTRY\USER\S-1-5-21-355664440-2199602304-1223909400-1000\Software\Wine
Process
f2ad0e284b8f76c0c1eb239017466836_JaffaCakes118.exe