2288b7c3ee9dd65e50a56c9b05fb964de84214a5f339643b272e5e6f5dc2cfb6 | Triage

Sharing

General

Target

08f1c7ac1e4e3bf6265474b35a7b8cdc_JaffaCakes118
Size

934KB
Sample

240430-d9mw7sbd65
MD5

08f1c7ac1e4e3bf6265474b35a7b8cdc
SHA1

49fdbc745e78326bf1fb198c4198581d9fda3a57
SHA256

2288b7c3ee9dd65e50a56c9b05fb964de84214a5f339643b272e5e6f5dc2cfb6
SHA512

98b34fdc73c9f1e23b5170766e567de193829de512e08a443d19217f1e6a8757066716c9598b5ea77f5ec8efa2a9292da7d8675a6aad6d188cc5fecb70f292a7
SSDEEP

12288:JCHIrRHW4Wym2dDrHLt75ZeL8VlF/5ktz1botKdgA0ycwri1jW7m5j5OKb4cKvzj:QorEmB5h7muzkJ1bjPri1Am9KvVt

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  08f1c7ac1e4e3bf6265474b35a7b8cdc_JaffaCakes118
- Size
  
  934KB
- MD5
  
  08f1c7ac1e4e3bf6265474b35a7b8cdc
- SHA1
  
  49fdbc745e78326bf1fb198c4198581d9fda3a57
- SHA256
  
  2288b7c3ee9dd65e50a56c9b05fb964de84214a5f339643b272e5e6f5dc2cfb6
- SHA512
  
  98b34fdc73c9f1e23b5170766e567de193829de512e08a443d19217f1e6a8757066716c9598b5ea77f5ec8efa2a9292da7d8675a6aad6d188cc5fecb70f292a7
- SSDEEP
  
  12288:JCHIrRHW4Wym2dDrHLt75ZeL8VlF/5ktz1botKdgA0ycwri1jW7m5j5OKb4cKvzj:QorEmB5h7muzkJ1bjPri1Am9KvVt
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2