General

  • Target

    f54235cb264435c2926c05ecac1c8632_JaffaCakes118

  • Size

    2.5MB

  • Sample

    240417-h3edpsab81

  • MD5

    f54235cb264435c2926c05ecac1c8632

  • SHA1

    6a93fd8a3ebebc83dbbfa4197e3a49dbd7747d1a

  • SHA256

    79eca855e79b38189e7f7a9c38a5cd3cf64f3b72c82abe1f2df91198a49c09e0

  • SHA512

    d17c3a750ea68e2e467f881b35e756a64369045b1b1992baeeec8d3b7faf05a97e94e8f5f6068d27586a82443b704b32d26f9f4e4c0b8143d0a747c7d21ea65f

  • SSDEEP

    49152:p6SpFBht6nWXMVI/HjLNazT3Png32gP1s+JNpP74cF3rGi2:p6+InmHkn3PnQPW2zhrGi2

Score
7/10

Targets

    • Target

      f54235cb264435c2926c05ecac1c8632_JaffaCakes118

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger
