9eb3ec39475e1a4ab0b50085d0e5602df3f8696870a2e0f53fbd7740cbe6f563 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

440246d47e6b18d8c99a9c4efaad4062_JaffaCakes118
Size

831KB
Sample

240515-b18q7sag7z
MD5

440246d47e6b18d8c99a9c4efaad4062
SHA1

e7e62bc9d9d335de6debcea914739aa1d49b8dc5
SHA256

9eb3ec39475e1a4ab0b50085d0e5602df3f8696870a2e0f53fbd7740cbe6f563
SHA512

f5252a1c771ffa896c53c29ea3c089807e3207a826ac1318cf78edb48edc1d300cae0e9fa0aa0e3e95a6373a89c4c386a84d3a3acf36a7310bc11d1ed85a8d66
SSDEEP

24576:kravAb6XNXPkONp7pExZ3XYkhnzwg/9p6h:kmYbeXtNiZnNtzhf6

Score

7^/10

Malware Config

Targets

- Target
  
  440246d47e6b18d8c99a9c4efaad4062_JaffaCakes118
- Size
  
  831KB
- MD5
  
  440246d47e6b18d8c99a9c4efaad4062
- SHA1
  
  e7e62bc9d9d335de6debcea914739aa1d49b8dc5
- SHA256
  
  9eb3ec39475e1a4ab0b50085d0e5602df3f8696870a2e0f53fbd7740cbe6f563
- SHA512
  
  f5252a1c771ffa896c53c29ea3c089807e3207a826ac1318cf78edb48edc1d300cae0e9fa0aa0e3e95a6373a89c4c386a84d3a3acf36a7310bc11d1ed85a8d66
- SSDEEP
  
  24576:kravAb6XNXPkONp7pExZ3XYkhnzwg/9p6h:kmYbeXtNiZnNtzhf6
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2