General
-
Target
fca79ea526a6bfcf9ea39f1d5c291824_JaffaCakes118
-
Size
1.6MB
-
Sample
240928-thp59axand
-
MD5
fca79ea526a6bfcf9ea39f1d5c291824
-
SHA1
8e79704bb92ad18baa3a90433fbd62138f28aa07
-
SHA256
d0843ebb1dcc402111f3b9b8443dfead2b61eedd566f508f16653a609a11e48e
-
SHA512
578ec237b0fa66591aee04b879afce64cffe0fc447117928253e2db216c6e7b0fda625f8e5de74b4918680ebc36c93ed45f3fb880b39040497407b90ab42f9b1
-
SSDEEP
24576:LZgownkGvQW/BwuFgGs2R+osEbmUZ84cxF4dgmlmIYPGJ6q1e9tSdWpvFr3GLK:CZkOOo+oexxbmYtPGJz19kpv4
Static task
static1
Behavioral task
behavioral1
Sample
fca79ea526a6bfcf9ea39f1d5c291824_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
fca79ea526a6bfcf9ea39f1d5c291824_JaffaCakes118
-
Score
7/10
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-