General
-
Target
a583fb01985510981e6f38a869ccbb95_JaffaCakes118
-
Size
1.1MB
-
Sample
240613-pkysysycna
-
MD5
a583fb01985510981e6f38a869ccbb95
-
SHA1
f83988ab22e874b5e4b2ac6a8c6464408bd41bc3
-
SHA256
004247d8c00e09c6ac03b7d9d7681327a678411939678c5aa12eb4d4d9f24562
-
SHA512
8e1e54deb2efe4f419584554f828b630f32bb06884ac024000b99d88b2dd2f007917ba8a4920069b5117a9f61990d7080025af322f529962030906acfd5bf8f8
-
SSDEEP
24576:OcWdcRqqXDRypx3iTY+5qWkEQrtEoH4PC40RtK:Oc5mdjeoHsC3PK
Malware Config
Targets
-
-
Target
a583fb01985510981e6f38a869ccbb95_JaffaCakes118
-
Size
1.1MB
-
MD5
a583fb01985510981e6f38a869ccbb95
-
SHA1
f83988ab22e874b5e4b2ac6a8c6464408bd41bc3
-
SHA256
004247d8c00e09c6ac03b7d9d7681327a678411939678c5aa12eb4d4d9f24562
-
SHA512
8e1e54deb2efe4f419584554f828b630f32bb06884ac024000b99d88b2dd2f007917ba8a4920069b5117a9f61990d7080025af322f529962030906acfd5bf8f8
-
SSDEEP
24576:OcWdcRqqXDRypx3iTY+5qWkEQrtEoH4PC40RtK:Oc5mdjeoHsC3PK
Score7/10-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-