General

  • Target

    ad995e4c117f87db47ec1a3182f83dff_JaffaCakes118

  • Size

    638KB

  • Sample

    240820-dabpwszend

  • MD5

    ad995e4c117f87db47ec1a3182f83dff

  • SHA1

    df93b13b763c2ac6fb2c4f1b2df2e7f85dcf0ce4

  • SHA256

    c751091e04d6419ecb87e98cc0cad18b95fdec4c4a347fb7c1718545a83b8920

  • SHA512

    982adb77c456967087305296d73352b35393c915723372c83f536876ef1f9eecf076da578a8bae842f61840631900d1f3c6179adab7f26e1c18220500442b615

  • SSDEEP

    12288:uowPlhFNPsjQT5xeQSt9PRBVyXfS28MPUEFA4PuCS27mn9J7B04Ulru7tzNk:uLPlLi0T5XSt9P1yvS2sEFA4PuCS27mY

Targets

    • Target

      ad995e4c117f87db47ec1a3182f83dff_JaffaCakes118

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.
