General
-
Target
4b0a169d80d78549b44a0f0ea4fb0191_JaffaCakes118
-
Size
1.2MB
-
Sample
240715-xxkqvsvfjm
-
MD5
4b0a169d80d78549b44a0f0ea4fb0191
-
SHA1
39bfa760351066f333d4fc3053524387c5730050
-
SHA256
02aa46cd62cd1e27536ae6ebf261492e23a2c8bb83dc0d2473c681c97eec2944
-
SHA512
84f00331dd0c6dfb5233262a216f314108c85a2c00c19648248e69f45600d1832d954ed6e6d6b303103a57e589b3da7c7d27ed90f2ec07a2ace4902b319efafc
-
SSDEEP
24576:7XzJMraziZ9yieOodKLZZSuZDlJYJeNcKO7ckyvFuBSXTAZ3wua8ZXRl5xysqE7/:Tz+GEmQLXBJYJeTO7clAZLZzbysf7QKd
Static task
static1
Behavioral task
behavioral1
Sample
4b0a169d80d78549b44a0f0ea4fb0191_JaffaCakes118.dll
Resource
win7-20240708-en
Malware Config
Targets
-
-
Target
4b0a169d80d78549b44a0f0ea4fb0191_JaffaCakes118
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-