General
-
Target
657f8bc1a9658d7955f3624d9915a168_JaffaCakes118
-
Size
73KB
-
Sample
240522-bp17zsga2v
-
MD5
657f8bc1a9658d7955f3624d9915a168
-
SHA1
97878981e875251d76850ef1dae812df4be95a5c
-
SHA256
6b84df5e66e44067e1cb5a74b3c5f3ca273d8b439498779440167627527addc2
-
SHA512
8d726a30f3c7309a5497757a66bd2980a6cc7abb3bad8bdb2be11e2657a207564017ad32291cf505b39aa49e34bdebf882580a3e5d74301263f701519adde7cd
-
SSDEEP
1536:HS0CSKYSPrOD2gwsJnskkc3rgJ97Kg6R7koLRJcGbUDZHGHy:HS0CS+iD2l4s43ngIIo8UcHGHy
Static task
static1
Behavioral task
behavioral1
Sample
657f8bc1a9658d7955f3624d9915a168_JaffaCakes118.pkg
Resource
macos-20240410-en
Malware Config
Targets
-
-
Target
657f8bc1a9658d7955f3624d9915a168_JaffaCakes118
-
Score
8/10
-
Identifies devices as anti-VM
-
Exfiltration Over Alternative Protocol
Adversaries may steal data by exfiltrating it over an un-encrypted network protocol other than that of the existing command and control channel.
-
File Permission
Adversaries may modify file permissions/attributes to evade access control lists (ACLs) and access protected files.
-
Queries the hardware information (I/O Kit registry).
An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification (1)
Linux and Mac File and Directory Permissions Modification (1)
Hide Artifacts (1)
Resource Forking (1)