General
-
Target
be8457ca38bb72e999bca972ceabcd87_JaffaCakes118
-
Size
588KB
-
Sample
240824-ntldjszeml
-
MD5
be8457ca38bb72e999bca972ceabcd87
-
SHA1
03a6e3a99b8c7733332317c6ddbfba7ae12673a3
-
SHA256
13ec87cd477eac3d4077ffb604e585f16cc98bff23b4eb198d38593aef1b90c3
-
SHA512
545cd93b6f3c3b651d593111a2ac56c074083c6866544620ed97559273c46eda3494271685c430fd0604605e53a9ff709f9431df38488b8b06891c1aafc6756f
-
SSDEEP
12288:nXznQ+bCxWrUhLZvzC/igEhrNA9SNwyrYAmyhIna3PiGpYh7jV:KgIh0/iLhrekeKYAl4RNV
Static task
static1
Behavioral task
behavioral1
Sample
be8457ca38bb72e999bca972ceabcd87_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
be8457ca38bb72e999bca972ceabcd87_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
be8457ca38bb72e999bca972ceabcd87_JaffaCakes118
-
Score
7/10
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-