General

Target: a9d75a3e2b3657d37fbbad932e3b0dd9_JaffaCakes118
Size: 2.1MB
Sample: 240614-qd3zrswapr
MD5: a9d75a3e2b3657d37fbbad932e3b0dd9
SHA1: 819c5e5263f47286a079f0830a3c4a8dfa47f788
SHA256: 8389e63bbc587215fcd942b6e6a838cdbe662c5823c4b77715a5fca95fd6d4d2
SHA512: fcc20d3a2492ed51f6103e263e7eef76a17eab7d0bcb072f8e483c68998bfd1db09903b31395908f6d8494d2b162aabd9652d7c9f2011c72d6948a3a7f951625
SSDEEP: 49152:wUJmMbZnPkGvuavQEvCGKOOUJFfqSW5mFamR:wUJm6ZnsYvQG2afqShamR
Static task: static1

Behavioral task: behavioral1
Sample: a9d75a3e2b3657d37fbbad932e3b0dd9_JaffaCakes118.exe
Resource: win7-20240611-en

Behavioral task: behavioral2
Sample: a9d75a3e2b3657d37fbbad932e3b0dd9_JaffaCakes118.exe
Resource: win10v2004-20240226-en
Malware Config

Targets

Target: a9d75a3e2b3657d37fbbad932e3b0dd9_JaffaCakes118
Size: 2.1MB
Score: 10/10

- Azorult: an information stealer first discovered in 2016, targeting browsing history and passwords.
- Identifies VirtualBox via ACPI registry values (likely anti-VM).
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys: Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger.