General

  • Target

    684e58097257460c80d6d1722e6d751e_JaffaCakes118

  • Size

    3.8MB

  • Sample

    240522-xsna7adb77

  • MD5

    684e58097257460c80d6d1722e6d751e

  • SHA1

    dc5aec127d721c889c642800590f3722ec843a6b

  • SHA256

    f6056bf443cbb3630c60d3e50780cb5654a9c356a0207e539127a13157c9af39

  • SHA512

    9fe72a5e02ee810c3fe97852e25b448032bd178446d44e3d0ed33a5e26714475ef3d2c9cbd6ee984a192c91bbedf94554c4803b48d0b53c96914486e1a0b50e2

  • SSDEEP

    98304:uZuarCtWyX0p+tUFHtrXCDHGkSn8b+vPdP:uZHrzyG+2aDHGkS8Cd

Score
7/10

Malware Config

Targets

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks