1a7ef60b3734e186a82faf99698f8af88172f932bc8d5451a4134e5eb8fb8841 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a3e01212fa0191dac47c515e0e49dbe_JaffaCakes118
Size

885KB
Sample

240509-q3d2yace9z
MD5

2a3e01212fa0191dac47c515e0e49dbe
SHA1

a7d4350d8962c09488eb4353d0d92f2d9c564e18
SHA256

1a7ef60b3734e186a82faf99698f8af88172f932bc8d5451a4134e5eb8fb8841
SHA512

9da37aaa6661bd248fe3b0e144dc7732902a7e817a5d446bf3400d2a38377bc123474453d4bbd885139d757b272b563978030ae7bc2cf672fbed62cf6d6d600d
SSDEEP

24576:huvYVsT1lnTPopmmyBgCl3T0lVz6odQ6+:0vYkRTE3YcbQB

Score

7^/10

Malware Config

Targets

- Target
  
  2a3e01212fa0191dac47c515e0e49dbe_JaffaCakes118
- Size
  
  885KB
- MD5
  
  2a3e01212fa0191dac47c515e0e49dbe
- SHA1
  
  a7d4350d8962c09488eb4353d0d92f2d9c564e18
- SHA256
  
  1a7ef60b3734e186a82faf99698f8af88172f932bc8d5451a4134e5eb8fb8841
- SHA512
  
  9da37aaa6661bd248fe3b0e144dc7732902a7e817a5d446bf3400d2a38377bc123474453d4bbd885139d757b272b563978030ae7bc2cf672fbed62cf6d6d600d
- SSDEEP
  
  24576:huvYVsT1lnTPopmmyBgCl3T0lVz6odQ6+:0vYkRTE3YcbQB
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2