Overview

overview

7

Static

static

7

36cbea54af...18.exe

windows7-x64

7

36cbea54af...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    36cbea54af5bb4d9d572e82ce3be081e_JaffaCakes118

  • Size

    667KB

  • Sample

    240710-29qvvsvhlp

  • MD5

    36cbea54af5bb4d9d572e82ce3be081e

  • SHA1

    36c916f9701289dbbaf900cb922a6b470b0e8853

  • SHA256

    c1e94bff63a5e167f773a98c486a9246aa4034b8cf24a71d8eb68082d807bc02

  • SHA512

    6ac75b8164264eead501e3411a0dd9c165b245667f42c524d965978a55c60e861efdd4a0e1f3d7860fd138861677fbf9ef9067f0fece7946bcb472ad586c249c

  • SSDEEP

    12288:o9WtNlRAwYj/BNYCMT9mJKffGMRa7yzYCwSa3JUEhvyDtuc4uHBsL5G:o9s5AwYjZNYCkFfOMjr4UEcpS5G

Score
7/10
evasionthemida

Malware Config

Targets

    • Target

      36cbea54af5bb4d9d572e82ce3be081e_JaffaCakes118

    • Size

      667KB

    • MD5

      36cbea54af5bb4d9d572e82ce3be081e

    • SHA1

      36c916f9701289dbbaf900cb922a6b470b0e8853

    • SHA256

      c1e94bff63a5e167f773a98c486a9246aa4034b8cf24a71d8eb68082d807bc02

    • SHA512

      6ac75b8164264eead501e3411a0dd9c165b245667f42c524d965978a55c60e861efdd4a0e1f3d7860fd138861677fbf9ef9067f0fece7946bcb472ad586c249c

    • SSDEEP

      12288:o9WtNlRAwYj/BNYCMT9mJKffGMRa7yzYCwSa3JUEhvyDtuc4uHBsL5G:o9s5AwYjZNYCkFfOMjr4UEcpS5G

    Score
    7/10
    evasionthemida

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks