8a542e1a36fe53c39a3ea8e4fee04df003d4d1b2b3933fc3441872d80474415c | Triage

Submit
Reports

Overview

overview

7

Static

static

7

3416be98fc...18.exe

windows7-x64

7

3416be98fc...18.exe

windows10-2004-x64

7

Sharing

General

Target

3416be98fc24105318b829ffd2475b06_JaffaCakes118
Size

1.0MB
Sample

240710-k3e2ca1cna
MD5

3416be98fc24105318b829ffd2475b06
SHA1

eaf9795d556fc7ae9251e92c1c647dcfd8113691
SHA256

8a542e1a36fe53c39a3ea8e4fee04df003d4d1b2b3933fc3441872d80474415c
SHA512

2382fe13982dcb7d409bb77d2e92407579295fa48fa5d569d16cffe559e6c827fceb01d4432b7646f686e543615ef9678ad986211d86cbcdbe5512bccd255a84
SSDEEP

24576:c9i4gqq3fompnmpx2iHcz35/JjLnKH01LO0E4tO/R8VD7Ve:oibfLkd8nLKDp4tO/SZVe

Score

7^/10

evasion themida

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

3416be98fc24105318b829ffd2475b06_JaffaCakes118.exe

Resource

win7-20240708-en

evasion themida

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

3416be98fc24105318b829ffd2475b06_JaffaCakes118.exe

Resource

win10v2004-20240709-en

evasion themida

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  3416be98fc24105318b829ffd2475b06_JaffaCakes118
- Size
  
  1.0MB
- MD5
  
  3416be98fc24105318b829ffd2475b06
- SHA1
  
  eaf9795d556fc7ae9251e92c1c647dcfd8113691
- SHA256
  
  8a542e1a36fe53c39a3ea8e4fee04df003d4d1b2b3933fc3441872d80474415c
- SHA512
  
  2382fe13982dcb7d409bb77d2e92407579295fa48fa5d569d16cffe559e6c827fceb01d4432b7646f686e543615ef9678ad986211d86cbcdbe5512bccd255a84
- SSDEEP
  
  24576:c9i4gqq3fompnmpx2iHcz35/JjLnKH01LO0E4tO/R8VD7Ve:oibfLkd8nLKDp4tO/SZVe
Score

7^/10

evasion themida
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy