General

  • Target

    621d9a837770f69488e49f50454b523b_JaffaCakes118

  • Size

    1.7MB

  • Sample

    240722-a6vk4awbqm

  • MD5

    621d9a837770f69488e49f50454b523b

  • SHA1

    73c3296c1752de181871b588dee20fca2d390f90

  • SHA256

    91cecb3e958ca821ccfe64492a003ca65b7e7cd0fb33575de8e79d22bdd07877

  • SHA512

    113d2b016c1d5f6fff732fded79e1dd90e154d347d0e705c212094dbe859b6bcf24a02c243392f204e70147bf16c91337c708ed4364694d39413d929a84bbb4c

  • SSDEEP

    49152:uTyGGGS+O4sljR/roQA2L5TELbVMTrOq4whQol:wcGS+ARR2e5T6b+fDhQY

Score
10/10

Malware Config

Targets

    • Target

      621d9a837770f69488e49f50454b523b_JaffaCakes118

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
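
    Detection logic for the three signatures listed above, as an added example that is not part of the sandbox report or its signature engine. It parses a constructed, simplified API trace (the "api key=value" line format, the line contents and the function names are assumptions of this example, not the sandbox's own log format) and flags attempts to open the VirtualBox ACPI table keys (HARDWARE\ACPI\DSDT|FADT|RSDT\VBOX__), the Wine registry key (Software\Wine) and NtSetInformationThread called with ThreadHideFromDebugger (THREADINFOCLASS 0x11).

```python
import re

# Signature names as they appear in the sandbox report above.
VBOX_SIG = "Identifies VirtualBox via ACPI registry values (likely anti-VM)"
WINE_SIG = "Identifies Wine through registry keys"
HIDE_SIG = "Suspicious use of NtSetInformationThreadHideFromDebugger"

# Registry subkeys (under HKLM / HKCU) that exist only on the platform they name.
VBOX_ACPI_KEYS = {
    r"HARDWARE\ACPI\DSDT\VBOX__",
    r"HARDWARE\ACPI\FADT\VBOX__",
    r"HARDWARE\ACPI\RSDT\VBOX__",
}
WINE_KEYS = {r"SOFTWARE\WINE"}

# THREADINFOCLASS value for ThreadHideFromDebugger.
THREAD_HIDE_FROM_DEBUGGER = 0x11

REGISTRY_APIS = ("RegOpenKeyEx", "RegQueryValueEx", "NtOpenKey", "NtQueryValueKey")

# Constructed sample trace for this example (not taken from the report). The
# line format 'api key=value key="quoted value"' is an assumption of this example.
SAMPLE_TRACE = """\
RegOpenKeyExW hkey=HKEY_LOCAL_MACHINE subkey="HARDWARE\\ACPI\\DSDT\\VBOX__" status=0x2
RegOpenKeyExW hkey=HKEY_LOCAL_MACHINE subkey="HARDWARE\\ACPI\\FADT\\VBOX__" status=0x2
RegOpenKeyExW hkey=HKEY_CURRENT_USER subkey="Software\\Wine" status=0x2
RegOpenKeyExW hkey=HKEY_LOCAL_MACHINE subkey="Software\\Microsoft\\Windows\\CurrentVersion" status=0x0
NtSetInformationThread thread=0xffffffff class=0x11 buffer=0x0 length=0 status=0x0
NtSetInformationThread thread=0x1a4 class=0x2 buffer=0x12ff3c length=0x4 status=0x0
CreateFileW path="C:\\Users\\user\\AppData\\Local\\Temp\\x.tmp" status=0x0
"""

LINE_RE = re.compile(r"^(?P<api>\w+)\s*(?P<args>.*)$")
ARG_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_line(line):
    """Return (api, {arg: value}) for one trace line, or None for lines that do not parse."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    args = {}
    for key, quoted, bare in ARG_RE.findall(m.group("args")):
        args[key] = quoted if quoted else bare
    return m.group("api"), args


def is_vbox_acpi_check(api, args):
    # The lookup attempt is the tell; whether the key exists (status) does not matter.
    return api.startswith(REGISTRY_APIS) and args.get("subkey", "").upper() in VBOX_ACPI_KEYS


def is_wine_check(api, args):
    return api.startswith(REGISTRY_APIS) and args.get("subkey", "").upper() in WINE_KEYS


def is_hide_from_debugger(api, args):
    if api != "NtSetInformationThread":
        return False
    try:
        return int(args.get("class", ""), 0) == THREAD_HIDE_FROM_DEBUGGER
    except ValueError:
        return False


SIGNATURES = (
    (VBOX_SIG, is_vbox_acpi_check),
    (WINE_SIG, is_wine_check),
    (HIDE_SIG, is_hide_from_debugger),
)


def scan_trace(trace):
    """Map each triggered signature name to the (line number, line) pairs that triggered it."""
    hits = {}
    for lineno, line in enumerate(trace.splitlines(), 1):
        parsed = parse_line(line)
        if parsed is None:
            continue
        api, args = parsed
        for name, check in SIGNATURES:
            if check(api, args):
                hits.setdefault(name, []).append((lineno, line))
    return hits


if __name__ == "__main__":
    for name, evidence in scan_trace(SAMPLE_TRACE).items():
        print(name)
        for lineno, line in evidence:
            print(f"    line {lineno}: {line}")
```

    The registry checks fire on the attempt to open the key, not on the result: on a real VirtualBox guest the VBOX__ tables exist and the open succeeds, in a sandbox built on something else it fails, and a sample that branches on that outcome is evading analysis either way. ThreadHideFromDebugger is rated "suspicious" rather than conclusive because commercial packers and DRM also set it; it hides the thread from an attached debugger so breakpoints and exceptions in it are not reported.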

MITRE ATT&CK Enterprise v15

Tasks