6705371ad06c576666fbc4f7c39cdeffde696c094c1895abc42df100f281c4d3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f95f1216b16cc12da1de999574a729b_JaffaCakes118
Size

1.1MB
Sample

240507-f3s6rabb4z
MD5

1f95f1216b16cc12da1de999574a729b
SHA1

9d8592e65b71e6d705da08096b6b36038355db79
SHA256

6705371ad06c576666fbc4f7c39cdeffde696c094c1895abc42df100f281c4d3
SHA512

c7825169b42d02f17b13caedd24c4fab6ab0226cb1abb5414e652248e164154de1194f1783b73b60939b53662865e88e1e4693c92d89c573626a17d9a9af6f58
SSDEEP

24576:6MjtdFF1r7tQLf/9fOeEfJkgvvEEWhtkk9vrinJ:ljtHf1oJA1iWyvr6

Score

7^/10

Malware Config

Targets

- Target
  
  1f95f1216b16cc12da1de999574a729b_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  1f95f1216b16cc12da1de999574a729b
- SHA1
  
  9d8592e65b71e6d705da08096b6b36038355db79
- SHA256
  
  6705371ad06c576666fbc4f7c39cdeffde696c094c1895abc42df100f281c4d3
- SHA512
  
  c7825169b42d02f17b13caedd24c4fab6ab0226cb1abb5414e652248e164154de1194f1783b73b60939b53662865e88e1e4693c92d89c573626a17d9a9af6f58
- SSDEEP
  
  24576:6MjtdFF1r7tQLf/9fOeEfJkgvvEEWhtkk9vrinJ:ljtHf1oJA1iWyvr6
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2