General
-
Target
013df95a7479ee4f9389c5dd5313dff7_JaffaCakes118
-
Size
853KB
-
Sample
240426-vk48magb53
-
MD5
013df95a7479ee4f9389c5dd5313dff7
-
SHA1
ccc1485f99b99d0b1c2b951db1a2bfc8dd236e0f
-
SHA256
d2d6fbc91461960e2182756ecbd820f103684b1d1266f28f286dce0548880851
-
SHA512
5be016aff5aaafd1693bba646323ea716361e6b038a5b0ba526461879c43ec82104ac97545af741b1e05d9d68213e234154f881746cc1ef2a1b2effabf1423e1
-
SSDEEP
24576:1Yq2/9nnr5cDNsOQfKJL9ki1arPvi/cjaBYfv:mqaxyDC2JmSoPvikO8
Malware Config
Targets
-
-
Target
013df95a7479ee4f9389c5dd5313dff7_JaffaCakes118
-
Size
853KB
-
MD5
013df95a7479ee4f9389c5dd5313dff7
-
SHA1
ccc1485f99b99d0b1c2b951db1a2bfc8dd236e0f
-
SHA256
d2d6fbc91461960e2182756ecbd820f103684b1d1266f28f286dce0548880851
-
SHA512
5be016aff5aaafd1693bba646323ea716361e6b038a5b0ba526461879c43ec82104ac97545af741b1e05d9d68213e234154f881746cc1ef2a1b2effabf1423e1
-
SSDEEP
24576:1Yq2/9nnr5cDNsOQfKJL9ki1arPvi/cjaBYfv:mqaxyDC2JmSoPvikO8
Score7/10-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-