General
-
Target
a2cfa61a44230f81354efe9aa903fc80_JaffaCakes118
-
Size
195KB
-
Sample
240612-2w5f4axgkj
-
MD5
a2cfa61a44230f81354efe9aa903fc80
-
SHA1
f77a12cc89754c310e0e50cf6bb7be04f0e1ef78
-
SHA256
1819930f82f6f62e20fc9354adf15972cacc722bfd00c8ed504d93cc244abc9e
-
SHA512
1da2c901ca8425da7efef2eab51e1f251d442b05a3d452e7dbe5caa9677f7711e56808a2c6f988c69e52c58cfc79e2692be9913f397600f18a51655bf5373baf
-
SSDEEP
3072:AMLTvZGQpv5CZ8L9xCk9sDouyd4v7DrMffOloB5+kE0ASxTj4pYFbhfet69Hlz:dLTRGS3xCYWjMffOloB5ia4WH
Static task
static1
Behavioral task
behavioral1
Sample
a2cfa61a44230f81354efe9aa903fc80_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
a2cfa61a44230f81354efe9aa903fc80_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
a2cfa61a44230f81354efe9aa903fc80_JaffaCakes118
-
Score
7/10
-
Deletes itself
-
Executes dropped EXE
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Loads dropped DLL
-
Adds Run key to start application
-