General

  • Target

    12dfac994653175d8d7cba8aea29dbde_JaffaCakes118

  • Size

    748KB

  • Sample

    240626-wgx6ksybqq

  • MD5

    12dfac994653175d8d7cba8aea29dbde

  • SHA1

    1a8e8f6a4f05ff23f05cf04778aa2077656e5f06

  • SHA256

    233ddfd1cda4b3869d49f2918109728f615ead325ded475987ede205f9292d15

  • SHA512

    1604c6afd005efd6f000147ae9a203c1eef79521016c0e80c3b851cd2bfb1810004eadec69bed83d6161b90b6e9a26432b27be412bea5eced35f0afb183a5430

  • SSDEEP

    12288:oM5MA2GEHDDR3mIGokK3DKnk04bPndxJuAwoWzO4v70u9FjpvIljS874339QO9Ld:qAjEHDD4IkyPlxJRw5i4vJpvye66G3un

Malware Config

Targets

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • VMProtect packed file

      Detects executables packed with the VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks