General
-
Target
4e06b47814dc39a30f9eb15b56a07bcb_JaffaCakes118
-
Size
772KB
-
Sample
240716-m6p2tsyhpm
-
MD5
4e06b47814dc39a30f9eb15b56a07bcb
-
SHA1
097d3e901cde67eaa3b27e01efdb5278ae1fbe74
-
SHA256
7b053b79cba7a840301f3eb288d7df34f6b2cea43ed9ba92911495af212e4862
-
SHA512
5726fb93f82c1664e618abb701146070e9ea51399e9496cbc0596101720ecc6b82ea9e78cdf728e789debc9c7ca8a7c5764780f43349e4354ca98e4fbc606554
-
SSDEEP
12288:wVqDwXQn/J8SXUWPWIMkBHHwe8/mxQamtW1ntYnGQfVmuIEzy:jTnWS7PWrCwuxQwaPfVuH
Static task
static1
Behavioral task
behavioral1
Sample
4e06b47814dc39a30f9eb15b56a07bcb_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
4e06b47814dc39a30f9eb15b56a07bcb_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
Target
4e06b47814dc39a30f9eb15b56a07bcb_JaffaCakes118
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-