General
-
Target
f8939c71062f4499eaa8b86a0580dd54_JaffaCakes118
-
Size
994KB
-
Sample
240418-xvvhaade3v
-
MD5
f8939c71062f4499eaa8b86a0580dd54
-
SHA1
897a18893516b0f3d1d3868e0203dcc9db4dd067
-
SHA256
74aee1418c8050e1bc00b22376870d5628fea6b8ccf367b68723d84cb1614128
-
SHA512
29c95708c6e9af0266d583847fc96d909160023eb2f9336a60fbcb2cd7bbe3952c536cfe0baa9fc19714688d43067f6be8c773cd0c8c85ef4591c5e68eb5b338
-
SSDEEP
24576:4fPWR9AV1O+7sgzp+8fdNGzk2EAKn08/24d83T4b66R+BqyJyn59vuFf:4fPJ15GaALK66kq959v8
Behavioral task
behavioral1
Sample
f8939c71062f4499eaa8b86a0580dd54_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
f8939c71062f4499eaa8b86a0580dd54_JaffaCakes118
-
Size
994KB
-
MD5
f8939c71062f4499eaa8b86a0580dd54
-
SHA1
897a18893516b0f3d1d3868e0203dcc9db4dd067
-
SHA256
74aee1418c8050e1bc00b22376870d5628fea6b8ccf367b68723d84cb1614128
-
SHA512
29c95708c6e9af0266d583847fc96d909160023eb2f9336a60fbcb2cd7bbe3952c536cfe0baa9fc19714688d43067f6be8c773cd0c8c85ef4591c5e68eb5b338
-
SSDEEP
24576:4fPWR9AV1O+7sgzp+8fdNGzk2EAKn08/24d83T4b66R+BqyJyn59vuFf:4fPJ15GaALK66kq959v8
Score9/10-
Nirsoft
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Accesses Microsoft Outlook accounts
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-