General

  • Target

    d6993b0e9a60a86cd2fc6251628aa066_JaffaCakes118

  • Size

    1.3MB

  • Sample

    240909-swtj6axfnd

  • MD5

    d6993b0e9a60a86cd2fc6251628aa066

  • SHA1

    676f653d4913b9b1491a576aa66c651ad5075d50

  • SHA256

    09d6bd99d6a5a2c7f90db61df7e8564382e43aa3b3f3fbe6a4055d011b303958

  • SHA512

    29b8c31c2964da2abdf6b65d239bb88daa36c485de2bae70ea18342d0e845729bf97fa278f02cb593ed457015dfb4005611645ed68c3706f8fe76df12c28d10f

  • SSDEEP

    24576:3D4h78p5B85l3tDo3QiGWzdm+V3wu00qmgzQ8xvIFUBuAShF96+X2UxljY:TYIp5B8r35GQiVpHa/zQ8xgmcAu96+GI

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks