General
-
Target
c15a34f4a416bd5e37575a1ac2d013c9_JaffaCakes118
-
Size
1.8MB
-
Sample
240825-xfwrssyeqb
-
MD5
c15a34f4a416bd5e37575a1ac2d013c9
-
SHA1
70857e856bb17deafa260c0db298137cb55873c5
-
SHA256
18efcaf65d07160fd0dc967c8303946981aad1a1ca5c6ad9ee5815c34cacde0e
-
SHA512
d81d4f1ba77bc07590641697c135290a07d6b8895e081d06134a9cdd13d42d0b295b3ef0aa7fd576d51b60d062ccab9119fecdbd1afe5e01684a1cff8f58804f
-
SSDEEP
24576:rT7AC5h5fd9D0mzmjC0ejRBqkYAqYh+GcJTAigI3OE9ORXKu/2RYIe2KyWeu+u2I:jAS7fQRCD3dfwGA3gqOmc2RLe2anoGb
Malware Config
Targets
-
-
Target
c15a34f4a416bd5e37575a1ac2d013c9_JaffaCakes118
-
Size
1.8MB
-
MD5
c15a34f4a416bd5e37575a1ac2d013c9
-
SHA1
70857e856bb17deafa260c0db298137cb55873c5
-
SHA256
18efcaf65d07160fd0dc967c8303946981aad1a1ca5c6ad9ee5815c34cacde0e
-
SHA512
d81d4f1ba77bc07590641697c135290a07d6b8895e081d06134a9cdd13d42d0b295b3ef0aa7fd576d51b60d062ccab9119fecdbd1afe5e01684a1cff8f58804f
-
SSDEEP
24576:rT7AC5h5fd9D0mzmjC0ejRBqkYAqYh+GcJTAigI3OE9ORXKu/2RYIe2KyWeu+u2I:jAS7fQRCD3dfwGA3gqOmc2RLe2anoGb
Score10/10-
Raccoon
Raccoon is an infostealer written in C++ and first seen in 2019.
-
Raccoon Stealer V1 payload
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-