Overview

overview

7

Static

static

7

4658e16f67...18.dll

windows7-x64

7

4658e16f67...18.dll

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4658e16f67e88d091d9dec7baaa1c890_JaffaCakes118

  • Size

    671KB

  • Sample

    240714-shh69svhlm

  • MD5

    4658e16f67e88d091d9dec7baaa1c890

  • SHA1

    d624f4122a7656a52687489e09593374cd5bf108

  • SHA256

    6f3e1a04273091850a947989761345ffcdef010bcac1ae8e28fd88fd575e2613

  • SHA512

    993fe61581b3ec90353eb081daf2399eb190ad95eac164a5d70b5a488677e88a61095556b7822b9c5fe2cab1b3844469974eb33a2c088f2db271a27e9a2a4b1e

  • SSDEEP

    12288:1mEDy79JhmzDc1HIaAHektIDaeLcfH6v/bjmMdGjFAL:kEKhgDSodHxN6Hg

Score
7/10
evasionthemida

Malware Config

Targets

    • Target

      4658e16f67e88d091d9dec7baaa1c890_JaffaCakes118

    • Size

      671KB

    • MD5

      4658e16f67e88d091d9dec7baaa1c890

    • SHA1

      d624f4122a7656a52687489e09593374cd5bf108

    • SHA256

      6f3e1a04273091850a947989761345ffcdef010bcac1ae8e28fd88fd575e2613

    • SHA512

      993fe61581b3ec90353eb081daf2399eb190ad95eac164a5d70b5a488677e88a61095556b7822b9c5fe2cab1b3844469974eb33a2c088f2db271a27e9a2a4b1e

    • SSDEEP

      12288:1mEDy79JhmzDc1HIaAHektIDaeLcfH6v/bjmMdGjFAL:kEKhgDSodHxN6Hg

    Score
    7/10
    evasionthemida

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks