742820e23b9cadf00ff083ebe881e294a8d258a0b1ef1a6f9edbe21e3003d0ae | Triage

Sharing

General

Target

441542ba3037611b59e363fccff4984c_JaffaCakes118
Size

853KB
Sample

240515-cd7q3acc97
MD5

441542ba3037611b59e363fccff4984c
SHA1

2323bbf0967ca54f6b42edeb18135a1f302ea1aa
SHA256

742820e23b9cadf00ff083ebe881e294a8d258a0b1ef1a6f9edbe21e3003d0ae
SHA512

07a9dcf1b2d87c1d55cabcd9e799ab297fc19833c58065a37a0feba096bd09582a9b0d66fd240b04ab658c99163636274fa1ff2df409b8acff08e6fdafff6779
SSDEEP

24576:FYq2/9nnr5cDNsOQfKJL9ki1arPvi/cjaBYfvA:WqaxyDC2JmSoPvikO8A

Score

7^/10

Malware Config

Targets

- Target
  
  441542ba3037611b59e363fccff4984c_JaffaCakes118
- Size
  
  853KB
- MD5
  
  441542ba3037611b59e363fccff4984c
- SHA1
  
  2323bbf0967ca54f6b42edeb18135a1f302ea1aa
- SHA256
  
  742820e23b9cadf00ff083ebe881e294a8d258a0b1ef1a6f9edbe21e3003d0ae
- SHA512
  
  07a9dcf1b2d87c1d55cabcd9e799ab297fc19833c58065a37a0feba096bd09582a9b0d66fd240b04ab658c99163636274fa1ff2df409b8acff08e6fdafff6779
- SSDEEP
  
  24576:FYq2/9nnr5cDNsOQfKJL9ki1arPvi/cjaBYfvA:WqaxyDC2JmSoPvikO8A
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2