Overview

overview

9

Static

static

3

19fcb842d5...18.exe

windows7-x64

9

19fcb842d5...18.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    19fcb842d5e823e9f59a7b5e236e2940_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240628-nvdp4azgrr

  • MD5

    19fcb842d5e823e9f59a7b5e236e2940

  • SHA1

    b7e7cf9015a036b2eaa0f4d429470547d93e8995

  • SHA256

    f626dc971650906c48bec583dc9e4b695295fed05ce64c6ae3feb0907810377a

  • SHA512

    ad35e245089bfb9d37c87a52ee86443c5ac02131eb527de696bc4aba8b965746f32bdaa4b1fb1ac2c2d267f98c8d9d9220fbba9cf2cc0a706c3d8586cd780f82

  • SSDEEP

    24576:IPqEaKempBdJj3mR5e0vy3PkD77tSkoPI4yHYKgZM7e+pYmwMESC:nKPpRmiP38DlmrZ9+2Rz

Score
9/10
evasion

Malware Config

Targets

    • Target

      19fcb842d5e823e9f59a7b5e236e2940_JaffaCakes118

    • Size

      1.2MB

    • MD5

      19fcb842d5e823e9f59a7b5e236e2940

    • SHA1

      b7e7cf9015a036b2eaa0f4d429470547d93e8995

    • SHA256

      f626dc971650906c48bec583dc9e4b695295fed05ce64c6ae3feb0907810377a

    • SHA512

      ad35e245089bfb9d37c87a52ee86443c5ac02131eb527de696bc4aba8b965746f32bdaa4b1fb1ac2c2d267f98c8d9d9220fbba9cf2cc0a706c3d8586cd780f82

    • SSDEEP

      24576:IPqEaKempBdJj3mR5e0vy3PkD77tSkoPI4yHYKgZM7e+pYmwMESC:nKPpRmiP38DlmrZ9+2Rz

    Score
    9/10
    evasion

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks