Analysis
max time kernel: 149s
max time network: 150s
platform: windows10-2004_x64
resource: win10v2004-20240611-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
submitted: 20-06-2024 10:41
Static task: static1
Behavioral task: behavioral1
Sample: 053cecb41b7f26f18803ce2c4ccc31ae_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 053cecb41b7f26f18803ce2c4ccc31ae_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 053cecb41b7f26f18803ce2c4ccc31ae_JaffaCakes118.exe
Size: 525KB
MD5: 053cecb41b7f26f18803ce2c4ccc31ae
SHA1: bb8d67a6011626bd89859fa4a1ea7f82ad8bc983
SHA256: 3724498636d6faa08ce64a2e9e3cc91ffdc3fd3238715b6a95d2bd65d08e17d4
SHA512: d4b3689ca0c23f4d8a66cc26c4f8eab53eb8f4d371574e4e22fb68e9c735addfcc161b79282311eb7df1e7421f74596411c7775e8ccb8ab23684fc5767c6a525
SSDEEP: 12288:wfEjYwprWJQnrCJy98ZmVyB3/lshbE7ok0VaxXcQW81VQK6I9t:wfJEaSrCFcAZtiI0vYxXcNCQk
Malware Config
Signatures
Identifies Wine through registry keys (2 TTPs, 1 IoCs)
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
Processes: 053cecb41b7f26f18803ce2c4ccc31ae_JaffaCakes118.exe
description: Key opened
ioc: \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000\Software\Wine
process: 053cecb41b7f26f18803ce2c4ccc31ae_JaffaCakes118.exe