General
Target: 50c887c7490edeb65313045e8d8d485f_JaffaCakes118
Size: 5.2MB
Sample: 241017-fnjzjawgnk
MD5: 50c887c7490edeb65313045e8d8d485f
SHA1: 52a49ac841a22514a12528265d9d0427e40baa80
SHA256: 5dbc4918e8ecd9bccce189ea068322ac10b0e47c38c4a20b709467d5bad2ad32
SHA512: f663ed4c5cc911d8b1237f7f7643f413436fd10a02e78388b65403a3bd5350982d42792736ac6add4ecab0b599425994db43c5381a116a7c38c7725bae2667e5
SSDEEP: 98304:NSfv4/+1l1r7E+fyouj5dQz4hCRgrYz1dNGpEcOrrzvoWxKZAS7s5J/xh8xuJ5p5:NSD31PfNujkzUCSE5dN/fzzaOxh8xIb5
Behavioral task: behavioral1
Sample: 50c887c7490edeb65313045e8d8d485f_JaffaCakes118.dll
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 50c887c7490edeb65313045e8d8d485f_JaffaCakes118.dll
Resource: win10v2004-20241007-en
Malware Config
Targets
Score: 7/10

Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.

Drops file in System32 directory

Suspicious use of NtSetInformationThreadHideFromDebugger