05a0bfe9921083ca893ec3a08623bf122c17b871e0223dee04871f0ee55a50de | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30dc9258fcd32cf51e7c5adf058c79be_JaffaCakes118
Size

520KB
Sample

240510-y2dc1sfe7t
MD5

30dc9258fcd32cf51e7c5adf058c79be
SHA1

f02bc0b2c4476a977d7b01541fde8b99f18b28cc
SHA256

05a0bfe9921083ca893ec3a08623bf122c17b871e0223dee04871f0ee55a50de
SHA512

2c93e0b1e5dad44d97e5d496a44f46bf2bf7174560a52daacf7d9c1ef6c301c7a53851ca77e2cd7e8a1a1170792ba5c534e4e65f5fc5ff1eba9c0b620361e6a3
SSDEEP

12288:LL7GuyK/RFuWzlbyCCVUVrvet55WaVwzOFd2RnKLbNaQ/CX2xVkN5:/XyidzJynUVc5YaiOGRKXNCuGN5

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  30dc9258fcd32cf51e7c5adf058c79be_JaffaCakes118
- Size
  
  520KB
- MD5
  
  30dc9258fcd32cf51e7c5adf058c79be
- SHA1
  
  f02bc0b2c4476a977d7b01541fde8b99f18b28cc
- SHA256
  
  05a0bfe9921083ca893ec3a08623bf122c17b871e0223dee04871f0ee55a50de
- SHA512
  
  2c93e0b1e5dad44d97e5d496a44f46bf2bf7174560a52daacf7d9c1ef6c301c7a53851ca77e2cd7e8a1a1170792ba5c534e4e65f5fc5ff1eba9c0b620361e6a3
- SSDEEP
  
  12288:LL7GuyK/RFuWzlbyCCVUVrvet55WaVwzOFd2RnKLbNaQ/CX2xVkN5:/XyidzJynUVc5YaiOGRKXNCuGN5
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2