General
-
Target
b705810009309cd0db84d37936afec75_JaffaCakes118
-
Size
1.0MB
-
Sample
240822-kpn24a1cpq
-
MD5
b705810009309cd0db84d37936afec75
-
SHA1
f7e07ab5c4d61dcf401baba30bbc43c4c4a5254b
-
SHA256
575f899a44c7b04c5a63c014c45076668b8cfe8ca535ceaf95198ff498ad12cc
-
SHA512
9c9d36eb72b128575814e66b9f4c850916262cde0b3ed71272da2064776f6dd4a2ade2fdd128165ce7cc9648cf8b9b795beb82d202645bce8afda09cb966bb68
-
SSDEEP
12288:BXBLKEJ803cfWbVf3IKI6gyPXItiGVW5hJLOd09imjyo6:lmUz/IYgKJmknLOd4A
Static task
static1
Behavioral task
behavioral1
Sample
b705810009309cd0db84d37936afec75_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
b705810009309cd0db84d37936afec75_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
b705810009309cd0db84d37936afec75_JaffaCakes118
Score
7/10
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Checks registry for disk virtualization
Detecting virtualization disks is often done to detect sandboxing environments.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-