General
-
Target
6e69c20189b199789754afe796010e3a_JaffaCakes118
-
Size
2.2MB
-
Sample
241023-mjhn8svdra
-
MD5
6e69c20189b199789754afe796010e3a
-
SHA1
a5ceded4ff026f8c7b41d4fefa7dd4ace120ff9f
-
SHA256
b056f7890ca258ae72649a06512b92bd5d8057beeada1fd5fed514afd413cb84
-
SHA512
197bbc3ce7ab2b755a118a01761bd2f7f0acb4fe19ccfe3539b4a15467ef687de3facf8b5b0f94f4231d6abb678251218729035f2cf47a64300f245ce6611729
-
SSDEEP
49152:mnC9niZTzVOU/8LpPxSioBUMdZQc5fqLpeYLxGZSQYvaeLg:R9Yp8ctZNUI3Aa4g
Malware Config
Targets
-
-
Target
6e69c20189b199789754afe796010e3a_JaffaCakes118
-
Size
2.2MB
-
MD5
6e69c20189b199789754afe796010e3a
-
SHA1
a5ceded4ff026f8c7b41d4fefa7dd4ace120ff9f
-
SHA256
b056f7890ca258ae72649a06512b92bd5d8057beeada1fd5fed514afd413cb84
-
SHA512
197bbc3ce7ab2b755a118a01761bd2f7f0acb4fe19ccfe3539b4a15467ef687de3facf8b5b0f94f4231d6abb678251218729035f2cf47a64300f245ce6611729
-
SSDEEP
49152:mnC9niZTzVOU/8LpPxSioBUMdZQc5fqLpeYLxGZSQYvaeLg:R9Yp8ctZNUI3Aa4g
Score10/10-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-