General
-
Target
a39f13d83c7f38e3bb19e33b5149db4b_JaffaCakes118
-
Size
1.1MB
-
Sample
240613-dlcrbswbmq
-
MD5
a39f13d83c7f38e3bb19e33b5149db4b
-
SHA1
c7b7856765d8a3780a6c67029a874eba87abb831
-
SHA256
243d6e98f14423d1cdeea3a7f11d4bb8e2a168991312ac2443c1f69d3346e3e6
-
SHA512
26e71b83e067a460d7e279ca2829cef1433b65d0e84e27e64243b900a6d479b41a26d38f6d02d310595841d4c454f35a2cd7eb56c5b24702953a448e3528285c
-
SSDEEP
24576:aMjtdFF1r7tQLf/9fOeEfJkgvvEEWhtkk9vrinl:FjtHf1oJA1iWyvra
Static task
static1
Behavioral task
behavioral1
Sample
a39f13d83c7f38e3bb19e33b5149db4b_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a39f13d83c7f38e3bb19e33b5149db4b_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
Score
7/10
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-