ac7dc2d80acf1c4ddc891347bac2b63dd894ca7ad400ec53ba64cc2c958733e7 | Triage

Sharing

General

Target

4c6cb32f61c9873ec1b0c79e4de41c6d_JaffaCakes118
Size

894KB
Sample

240516-wx8l9ahf56
MD5

4c6cb32f61c9873ec1b0c79e4de41c6d
SHA1

ae7b920563adb3f8b58f4cc264872810959431ec
SHA256

ac7dc2d80acf1c4ddc891347bac2b63dd894ca7ad400ec53ba64cc2c958733e7
SHA512

9ee7ef1483e580df16a0061013a31e74394834e1e3cb2d4d9fbd74eff1a107663e4a73f24ef9484532c696a62c6ca7899f467ac6a2bae9bbb240a7001c8f2ecb
SSDEEP

24576:z6V7n6oU0vgXHvJthjEg7+qK8yPDZaCDjk5BYwf2WB:z076oDvcxteg7+qKNDZa/5uAhB

Score

7^/10

evasion

Malware Config

Targets

- Target
  
  gHack-New [20.02.2018] (1)/gHack-New [20.02.2018].exe
- Size
  
  2.9MB
- MD5
  
  8dc26f22c8817802dd719355a61231a8
- SHA1
  
  f14cb22b25a2e2bdb50633c143a8ec449e4ad0f7
- SHA256
  
  ae942b51b7bc6f5d6f81fcab9c905829e89f6942ae2093b8fd864112ce9238a2
- SHA512
  
  df60734679f3a8382309350b91c87c91cab5417f0216e6ee5452e6c19c6b3fa6c59692bb41e81d223e4c1f500eb82741be6ec922a82cf819ecdc4e6b2b45560f
- SSDEEP
  
  24576:DiKf6YbusWzi0sBeC2OkmNj+l4wW8YD3m5LWZMkY8Avrb2vcO4z1Pq3+AvIZ:uHYbulTs4C2OPcW/ATyvcO4z1Pq3+AQZ
Score

7^/10

evasion
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2