General
-
Target
fcbd8a03a6a91bef66883f9fc0b48dde_JaffaCakes118
-
Size
5.4MB
-
Sample
240420-pbmz4agd68
-
MD5
fcbd8a03a6a91bef66883f9fc0b48dde
-
SHA1
3daa5d8122db96d90024f311d87a4c01e51ebdde
-
SHA256
3d49c05f0617712a41086b94f75027eb163bc1bfa92dee1ec1b78582eec32ca8
-
SHA512
a8582d9eb76cdf20c1d21706ed3cec3bccdfcc979d98be94a43ee9ec9e0cbe6afe6f3abca317c163700fbda17681c6e757f96d9fe43f80691a4bf0d623bc69a0
-
SSDEEP
49152:l3fCOfIHzooLFw1NZMISzxttv068D/a4tAfFhvMkDP6IKnGmqlXfX:l3fCOfIHzNLG1F0Dut/8hvMmS5qlP
Behavioral task
behavioral1
Sample
fcbd8a03a6a91bef66883f9fc0b48dde_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
fcbd8a03a6a91bef66883f9fc0b48dde_JaffaCakes118
-
Size
5.4MB
-
MD5
fcbd8a03a6a91bef66883f9fc0b48dde
-
SHA1
3daa5d8122db96d90024f311d87a4c01e51ebdde
-
SHA256
3d49c05f0617712a41086b94f75027eb163bc1bfa92dee1ec1b78582eec32ca8
-
SHA512
a8582d9eb76cdf20c1d21706ed3cec3bccdfcc979d98be94a43ee9ec9e0cbe6afe6f3abca317c163700fbda17681c6e757f96d9fe43f80691a4bf0d623bc69a0
-
SSDEEP
49152:l3fCOfIHzooLFw1NZMISzxttv068D/a4tAfFhvMkDP6IKnGmqlXfX:l3fCOfIHzNLG1F0Dut/8hvMmS5qlP
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-