General
-
Target
a900bb9be45dda5fbcddbf4164e75368_JaffaCakes118
-
Size
524KB
-
Sample
240819-bnx4yawdjg
-
MD5
a900bb9be45dda5fbcddbf4164e75368
-
SHA1
06a66fda20391db7a3d816fcf298fdf941c6b528
-
SHA256
262b8f21b34dbb7a6315411469c6784d87fe5fbf283d757a65002c1bcea230d9
-
SHA512
7cf4bf390a1506ba69e566d3f97c51e2d68cd912ff11eef6b4dc049bc6704f6a5c6209286b8b237019df1fecea6796ab68a1a80eada35cfe88355f6bb15a37ee
-
SSDEEP
12288:35yjx6q+6+BBChbKFEjFLGx9AwbgVNwu57/KZxcO:JZZLiuFE5Gx9mVi6mR
Malware Config
Targets
-
-
Target
a900bb9be45dda5fbcddbf4164e75368_JaffaCakes118
-
Size
524KB
-
MD5
a900bb9be45dda5fbcddbf4164e75368
-
SHA1
06a66fda20391db7a3d816fcf298fdf941c6b528
-
SHA256
262b8f21b34dbb7a6315411469c6784d87fe5fbf283d757a65002c1bcea230d9
-
SHA512
7cf4bf390a1506ba69e566d3f97c51e2d68cd912ff11eef6b4dc049bc6704f6a5c6209286b8b237019df1fecea6796ab68a1a80eada35cfe88355f6bb15a37ee
-
SSDEEP
12288:35yjx6q+6+BBChbKFEjFLGx9AwbgVNwu57/KZxcO:JZZLiuFE5Gx9mVi6mR
Score7/10-
Executes dropped EXE
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Loads dropped DLL
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Drops file in System32 directory
-