Analysis
max time kernel
147s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags
arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
submitted
20-06-2024 10:19
Static task
static1
Behavioral task
behavioral1
Sample
0517b0613e9bc016de8232847e25d92c_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
0517b0613e9bc016de8232847e25d92c_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
0517b0613e9bc016de8232847e25d92c_JaffaCakes118.exe
Size
662KB
MD5
0517b0613e9bc016de8232847e25d92c
SHA1
8242dc29e7cf0dfcc003d516ea2519bb988f1331
SHA256
511c0e53d4d823a3a916eb3e7c777f1d4f9d38f0da43af7cdaeb878f5108ae65
SHA512
b7107640651dbd3c229f8f17c45c8b2cd3146748b0f956a5813240658fcae4cdfab20766f613be1e5cc3713958d124f7e8d4da6c92d58674b6868e66f343f07d
SSDEEP
12288:rqGZ8ncXHupt22tY433iuw12IFztImgZahByYw0GWFTsZtUYTj/wefpI:Cc3/43yuSWmC0UtZj/wAI
Malware Config
Signatures
Identifies Wine through registry keys (2 TTPs, 1 IoCs)
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
Processes:
0517b0613e9bc016de8232847e25d92c_JaffaCakes118.exe
description
Key opened
ioc
\REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Software\Wine
process
0517b0613e9bc016de8232847e25d92c_JaffaCakes118.exe