127ac09c8ec7ab9ab13370f39c430f0074929be83b1f04d3277135bfb6831183 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d16365856f3b68954cbbd992ed8f4e5_JaffaCakes118
Size

521KB
Sample

240520-ema5kaag77
MD5

5d16365856f3b68954cbbd992ed8f4e5
SHA1

70b3edac193613e76d3bbace71f99044c666c8fc
SHA256

127ac09c8ec7ab9ab13370f39c430f0074929be83b1f04d3277135bfb6831183
SHA512

8fc18cc22dc432aba9f00d9a7c749024eb8707059a95bf93c99beacf95aa78223990fe87fa91c13572f0485c9cf1f53cd24bb14fe552c6fd72855e7684789812
SSDEEP

12288:DL7GuyK/RFuWzlbyCCVUVrvet55WaVwzOFd2RnKLbNaQ/CX2xVkN:HXyidzJynUVc5YaiOGRKXNCuGN

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  5d16365856f3b68954cbbd992ed8f4e5_JaffaCakes118
- Size
  
  521KB
- MD5
  
  5d16365856f3b68954cbbd992ed8f4e5
- SHA1
  
  70b3edac193613e76d3bbace71f99044c666c8fc
- SHA256
  
  127ac09c8ec7ab9ab13370f39c430f0074929be83b1f04d3277135bfb6831183
- SHA512
  
  8fc18cc22dc432aba9f00d9a7c749024eb8707059a95bf93c99beacf95aa78223990fe87fa91c13572f0485c9cf1f53cd24bb14fe552c6fd72855e7684789812
- SSDEEP
  
  12288:DL7GuyK/RFuWzlbyCCVUVrvet55WaVwzOFd2RnKLbNaQ/CX2xVkN:HXyidzJynUVc5YaiOGRKXNCuGN
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2