General
-
Target
eb96f907bb71171fe3bb779e44ac6007_JaffaCakes118
-
Size
1.0MB
-
Sample
240919-sf66bavgqn
-
MD5
eb96f907bb71171fe3bb779e44ac6007
-
SHA1
36e6f10c8f87d0f06c668d9b04162b45e90b5303
-
SHA256
9d1b495146062d7c63e1d7fd3c98baebfa55a56a9e6e53959d85f58d4624ba78
-
SHA512
5fe962bc1ef156ab0cfff25b6028df49414d0fc74935904812bb5460bfdd82aa54ebd5e2515f0f9c3e9f4b5929e06ad7f12b33dd3888a96f05fac498e95a091b
-
SSDEEP
24576:sNATBHvAey+sIui418iha29SWxbXLb3z5PO7xICA:PTBHTyxvi418iPHbXXz5PO9a
Static task
static1
Behavioral task
behavioral1
Sample
patch.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
patch.exe
-
Size
1.1MB
-
MD5
54cb7e59177f531d259295d73a02f71c
-
SHA1
5e214e05610758004a4c6a8ccb2fbd75cffdca39
-
SHA256
272c3b974870f938abeb3fe970e034e28f57a558f727af62b0a3a94132c2422d
-
SHA512
ed8f3bf7cfc2be8ae0d3e8d897ac57c03ea9b1992326fea704d5444a576b1893c016025f8d632d72a660b946ca354dfa2c0a5b1595023a48975de6120163b721
-
SSDEEP
24576:LlW/B0r+cd8xoa7xb0+hw8YajXiM8lwiswjx/ZyGS5zW:05I+cax/lbPhlvYwDGEGS5zW
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
1Disable or Modify Tools
1Modify Registry
2Virtualization/Sandbox Evasion
1