General
-
Target
JaffaCakes118_991d453966f2710887d63540216ff40d
-
Size
2.7MB
-
Sample
250330-zvqv7syrw4
-
MD5
991d453966f2710887d63540216ff40d
-
SHA1
42bd94f26e36c5e9a8ee9d9120d4621993f932f6
-
SHA256
2e8c45281d65f80244cecf99b939d4bc506597eb94a9f1c0fe0404c028f42c4f
-
SHA512
a32888aae4a4d983f2c691c504c2398175a6055595c9e69c050c94d9dc27ac5087f9aa794e176b4bd91fbb9df9bd9700c4698cf806459482aff0378cdc538227
-
SSDEEP
49152:acQ/QOxVY6yvunHkq/m2hJcax2EOZYgUjWbb0SdSLrgWQUaRZHJTBJvWempJF+UQ:aD/xxV9ypXw8Rlbpj+NFvJIpsMl
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_991d453966f2710887d63540216ff40d.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
JaffaCakes118_991d453966f2710887d63540216ff40d.exe
Resource
win10v2004-20250314-en
Malware Config
Targets
-
-
Target
JaffaCakes118_991d453966f2710887d63540216ff40d
-
Score
7/10
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-