General
-
Target
839de8b7ddaadd450c4127fe4db09a5f_JaffaCakes118
-
Size
612KB
-
Sample
241031-xly44ssfpp
-
MD5
839de8b7ddaadd450c4127fe4db09a5f
-
SHA1
219d354b3bb965c2b8f05037628a04f054b5f1d2
-
SHA256
f5039bfb70fce739171fa48af78bd5938c3b63287fdef28c766ac0863e79d76f
-
SHA512
e9468d06a2727a3fcac71cead9904b144c395e01b8bba32695a0b774e16ccdc5a45d848108550ba351cbfdddd8eec3f9955747297707d5ded3ebbc14206cd2db
-
SSDEEP
12288:HRZhTgxkezDqg9Zm5UGwI91n/cd5ufVQlJgn8uiKAI6Pc6Iz6R:LexDqg9Zm5TcGfVQsn8uifRPcF
Static task
static1
Behavioral task
behavioral1
Sample
839de8b7ddaadd450c4127fe4db09a5f_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
839de8b7ddaadd450c4127fe4db09a5f_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
839de8b7ddaadd450c4127fe4db09a5f_JaffaCakes118
Score
8/10
-
Adds policy Run key to start application
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Deletes itself
-
Executes dropped EXE
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Loads dropped DLL
-