cb757cd744d70f90e6d176a61e7d8765d8b171f51c4ade349e3ec64edf3ea8c4 | Triage

Sharing

General

Target

6589e79bf640173e2eb2e8124621d9d2_JaffaCakes118
Size

885KB
Sample

240522-by2j4sgc8y
MD5

6589e79bf640173e2eb2e8124621d9d2
SHA1

ff15ed42e5f47925d88945d9c081f590398008c3
SHA256

cb757cd744d70f90e6d176a61e7d8765d8b171f51c4ade349e3ec64edf3ea8c4
SHA512

3e0928121c3380f50c90f8608cc14e3f45e62ebb9bf64a071e4b11075114709dbc6ddaa5f8755b3947630f33985abaf2e57e66a33bf5b7114c88486778e27c81
SSDEEP

24576:BuvYVsT1lnTPopmmyBgCl3T0lVz6odQ6I:UvYkRTE3YcbQT

Score

7^/10

Malware Config

Targets

- Target
  
  6589e79bf640173e2eb2e8124621d9d2_JaffaCakes118
- Size
  
  885KB
- MD5
  
  6589e79bf640173e2eb2e8124621d9d2
- SHA1
  
  ff15ed42e5f47925d88945d9c081f590398008c3
- SHA256
  
  cb757cd744d70f90e6d176a61e7d8765d8b171f51c4ade349e3ec64edf3ea8c4
- SHA512
  
  3e0928121c3380f50c90f8608cc14e3f45e62ebb9bf64a071e4b11075114709dbc6ddaa5f8755b3947630f33985abaf2e57e66a33bf5b7114c88486778e27c81
- SSDEEP
  
  24576:BuvYVsT1lnTPopmmyBgCl3T0lVz6odQ6I:UvYkRTE3YcbQT
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2