854828b473aa77951f6cb8675a3d3d9b9f4b1752a723d861f70f06962d748cf5 | Triage

Sharing

General

Target

0380ae4d63b3dd0353002c916198aa52_JaffaCakes118
Size

1.1MB
Sample

240427-ym3dlaff5s
MD5

0380ae4d63b3dd0353002c916198aa52
SHA1

ccbcbf5978ee5272b91110b85d4f3cbabe0a3ca7
SHA256

854828b473aa77951f6cb8675a3d3d9b9f4b1752a723d861f70f06962d748cf5
SHA512

d1d29999c9a86b0f753a718f82c6b0f77c74f28fca7786cc87e11e1aa645baaa0fcdbac5ab26e63093bd09bc171174fff6246703e231a3e2617a4cae2e8d8e83
SSDEEP

24576:aMjtdFF1r7tQLf/9fOeEfJkgvvEEWhtkk9vrin:FjtHf1oJA1iWyvr

Score

7^/10

Malware Config

Targets

- Target
  
  0380ae4d63b3dd0353002c916198aa52_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  0380ae4d63b3dd0353002c916198aa52
- SHA1
  
  ccbcbf5978ee5272b91110b85d4f3cbabe0a3ca7
- SHA256
  
  854828b473aa77951f6cb8675a3d3d9b9f4b1752a723d861f70f06962d748cf5
- SHA512
  
  d1d29999c9a86b0f753a718f82c6b0f77c74f28fca7786cc87e11e1aa645baaa0fcdbac5ab26e63093bd09bc171174fff6246703e231a3e2617a4cae2e8d8e83
- SSDEEP
  
  24576:aMjtdFF1r7tQLf/9fOeEfJkgvvEEWhtkk9vrin:FjtHf1oJA1iWyvr
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2