27698773a1a0a4345f9c8006716bf55d7ef3dc4edca240eb398ba36ef637b505 | Triage

Sharing

General

Target

62c5a1ccd63f251a61f253a31ae912c7_JaffaCakes118
Size

1.0MB
Sample

240722-l1czmssbrr
MD5

62c5a1ccd63f251a61f253a31ae912c7
SHA1

12a6514a9f9a16dc91d2c1c12ad245ce6decfba4
SHA256

27698773a1a0a4345f9c8006716bf55d7ef3dc4edca240eb398ba36ef637b505
SHA512

03ae04d4b0ee2d4170e1d2015dad7ceed966c544ecee4bbb170e958cba5825004340455f1caa190e81191d4ddddfa8ffe834296827e067792b99335e82e8c329
SSDEEP

24576:01Bh1IbhoJfPHcbH5AqDPHS0b5d2hYO7UlGK/cRgOnmq9g6y2vss:EhibAPHcbH53DMhYRcOU7m6Lvb

Score

7^/10

evasion

Malware Config

Targets

- Target
  
  62c5a1ccd63f251a61f253a31ae912c7_JaffaCakes118
- Size
  
  1.0MB
- MD5
  
  62c5a1ccd63f251a61f253a31ae912c7
- SHA1
  
  12a6514a9f9a16dc91d2c1c12ad245ce6decfba4
- SHA256
  
  27698773a1a0a4345f9c8006716bf55d7ef3dc4edca240eb398ba36ef637b505
- SHA512
  
  03ae04d4b0ee2d4170e1d2015dad7ceed966c544ecee4bbb170e958cba5825004340455f1caa190e81191d4ddddfa8ffe834296827e067792b99335e82e8c329
- SSDEEP
  
  24576:01Bh1IbhoJfPHcbH5AqDPHS0b5d2hYO7UlGK/cRgOnmq9g6y2vss:EhibAPHcbH53DMhYRcOU7m6Lvb
Score

7^/10

evasion
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2