Overview

overview

7

Static

static

7

3a5ba4b161...18.exe

windows7-x64

7

3a5ba4b161...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3a5ba4b161d59ce10b170c457b81cc74_JaffaCakes118

  • Size

    688KB

  • Sample

    240711-xl7fgszcjn

  • MD5

    3a5ba4b161d59ce10b170c457b81cc74

  • SHA1

    5a1736a9108a248c044eb5f68ae138eb43f6a9b2

  • SHA256

    113767142a5f99079431e5cfeb8d260f9dbf35776fb95e9edb00fbd15acb7de6

  • SHA512

    19d37c22bfd720f82060f04e1ea6b7bffc954d2cdcfdb9615985c639646b99951e92933f5988a5d9aaddd0bab5a2e35e950239d828d17730893abcf88bc1115a

  • SSDEEP

    12288:3IL0C8T2gACsYqTjAF+EW1jY/Udw9lK58alsO9GGE+P:YLNBgKYqTjAFlojYtn48nO9J

Score
7/10
evasionthemida

Malware Config

Targets

    • Target

      3a5ba4b161d59ce10b170c457b81cc74_JaffaCakes118

    • Size

      688KB

    • MD5

      3a5ba4b161d59ce10b170c457b81cc74

    • SHA1

      5a1736a9108a248c044eb5f68ae138eb43f6a9b2

    • SHA256

      113767142a5f99079431e5cfeb8d260f9dbf35776fb95e9edb00fbd15acb7de6

    • SHA512

      19d37c22bfd720f82060f04e1ea6b7bffc954d2cdcfdb9615985c639646b99951e92933f5988a5d9aaddd0bab5a2e35e950239d828d17730893abcf88bc1115a

    • SSDEEP

      12288:3IL0C8T2gACsYqTjAF+EW1jY/Udw9lK58alsO9GGE+P:YLNBgKYqTjAFlojYtn48nO9J

    Score
    7/10
    evasionthemida

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks