Overview

overview

7

Static

static

3

75fc8f3243...18.exe

windows7-x64

7

75fc8f3243...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    75fc8f3243e4b3e8b95b137466b4c2eb_JaffaCakes118

  • Size

    2.1MB

  • Sample

    240726-2de4gsyell

  • MD5

    75fc8f3243e4b3e8b95b137466b4c2eb

  • SHA1

    2c46cab582c1230659e7c18542e5f973449deb7e

  • SHA256

    d35a4a4bd91f998e9596b4318a6e5451f0e2371be6bc535e470617bcab15545b

  • SHA512

    f38eb56fdac919b40e5a7f23172d442bb110a6902f18cbfa69be5eed271d63625769a4f2ca9212152f0a6881db4e32c1c855d01c4be8e663c2ae891a87bcee96

  • SSDEEP

    49152:q/NyJ9hfV+uqm5yUu3bRV8lBxQPABzyes5P:m8J9hfqm5yUu3DCBxdBq

Score
7/10
discoveryevasiontrojan

Malware Config

Targets

    • Target

      75fc8f3243e4b3e8b95b137466b4c2eb_JaffaCakes118

    • Size

      2.1MB

    • MD5

      75fc8f3243e4b3e8b95b137466b4c2eb

    • SHA1

      2c46cab582c1230659e7c18542e5f973449deb7e

    • SHA256

      d35a4a4bd91f998e9596b4318a6e5451f0e2371be6bc535e470617bcab15545b

    • SHA512

      f38eb56fdac919b40e5a7f23172d442bb110a6902f18cbfa69be5eed271d63625769a4f2ca9212152f0a6881db4e32c1c855d01c4be8e663c2ae891a87bcee96

    • SSDEEP

      49152:q/NyJ9hfV+uqm5yUu3bRV8lBxQPABzyes5P:m8J9hfqm5yUu3DCBxdBq

    Score
    7/10
    discoveryevasiontrojan

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Checks whether UAC is enabled

      evasiontrojan

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks