Overview

overview

7

Static

static

7

2c8bff2e7d...18.exe

windows7-x64

7

2c8bff2e7d...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    2c8bff2e7d16ecaf7b482dabad323e6e_JaffaCakes118

  • Size

    2.3MB

  • Sample

    240708-qvhedsterd

  • MD5

    2c8bff2e7d16ecaf7b482dabad323e6e

  • SHA1

    c81a89a6883986d767d9fa0be45d767b009747eb

  • SHA256

    2e93055ac4a16f1053ccf1e753ecd6c49380e557e76625ef4a43f33c00d16bc7

  • SHA512

    d130057730bb80a062a7cbf5d06812291616f4c704103e339bb43014e595c410241044a9ff6020fdae86c8bd9607918c00a9c487b3c03750011b7dec86e9159e

  • SSDEEP

    49152:+WhS6tKQA2KwtM/a3veD+LOPqEIQ3OHapsF0X:to6tKQAhwtSa3GekqEIQey

Score
7/10
evasionthemida

Malware Config

Targets

    • Target

      2c8bff2e7d16ecaf7b482dabad323e6e_JaffaCakes118

    • Size

      2.3MB

    • MD5

      2c8bff2e7d16ecaf7b482dabad323e6e

    • SHA1

      c81a89a6883986d767d9fa0be45d767b009747eb

    • SHA256

      2e93055ac4a16f1053ccf1e753ecd6c49380e557e76625ef4a43f33c00d16bc7

    • SHA512

      d130057730bb80a062a7cbf5d06812291616f4c704103e339bb43014e595c410241044a9ff6020fdae86c8bd9607918c00a9c487b3c03750011b7dec86e9159e

    • SSDEEP

      49152:+WhS6tKQA2KwtM/a3veD+LOPqEIQ3OHapsF0X:to6tKQAhwtSa3GekqEIQey

    Score
    7/10
    evasionthemida

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks