General
Target: 621d9a837770f69488e49f50454b523b_JaffaCakes118
Size: 1.7MB
Sample: 240722-a6vk4awbqm
MD5: 621d9a837770f69488e49f50454b523b
SHA1: 73c3296c1752de181871b588dee20fca2d390f90
SHA256: 91cecb3e958ca821ccfe64492a003ca65b7e7cd0fb33575de8e79d22bdd07877
SHA512: 113d2b016c1d5f6fff732fded79e1dd90e154d347d0e705c212094dbe859b6bcf24a02c243392f204e70147bf16c91337c708ed4364694d39413d929a84bbb4c
SSDEEP: 49152:uTyGGGS+O4sljR/roQA2L5TELbVMTrOq4whQol:wcGS+ARR2e5T6b+fDhQY
Behavioral task: behavioral1
Sample: 621d9a837770f69488e49f50454b523b_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 621d9a837770f69488e49f50454b523b_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Score: 9/10
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
Suspicious use of NtSetInformationThreadHideFromDebugger