Overview

overview

7

Static

static

7

feee9e4345...18.exe

windows7-x64

7

feee9e4345...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    feee9e43451f58f7b2b08f0c1f4bd56a_JaffaCakes118

  • Size

    1.0MB

  • Sample

    240929-t5eb9s1grk

  • MD5

    feee9e43451f58f7b2b08f0c1f4bd56a

  • SHA1

    2ff22e3acbe13cae60b10d0862dfb159ffe033e7

  • SHA256

    1cfb4dd58274be21fc43600bc58017525c92cdb29f9bbcfc001ce97bf72709d1

  • SHA512

    dd1f0e161a477527b3ee40ca986c4896624a9a3433bf00e82f271d3facc81a5758168c9ee74db7cab044acb2707618dc623177ce317f2a1b9be6bcd9137ec175

  • SSDEEP

    24576:0m0drXIdG9qxd+BoI08qmf/s0YEgWkohUcH66N0F5p:0myZqxwBoTusup66u

Score
7/10
discoveryevasionthemida

Malware Config

Targets

    • Target

      feee9e43451f58f7b2b08f0c1f4bd56a_JaffaCakes118

    • Size

      1.0MB

    • MD5

      feee9e43451f58f7b2b08f0c1f4bd56a

    • SHA1

      2ff22e3acbe13cae60b10d0862dfb159ffe033e7

    • SHA256

      1cfb4dd58274be21fc43600bc58017525c92cdb29f9bbcfc001ce97bf72709d1

    • SHA512

      dd1f0e161a477527b3ee40ca986c4896624a9a3433bf00e82f271d3facc81a5758168c9ee74db7cab044acb2707618dc623177ce317f2a1b9be6bcd9137ec175

    • SSDEEP

      24576:0m0drXIdG9qxd+BoI08qmf/s0YEgWkohUcH66N0F5p:0myZqxwBoTusup66u

    Score
    7/10
    discoveryevasionthemida

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks