5f9e4166bc107df49e10d7190b312c758e446cc01faa5b6a938603891f3b97b4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a750ba2b76c20489dff1d0979461032_JaffaCakes118
Size

853KB
Sample

240523-k75gssbf81
MD5

6a750ba2b76c20489dff1d0979461032
SHA1

db23f938443c5d22d84aebb9125d22f446d44f75
SHA256

5f9e4166bc107df49e10d7190b312c758e446cc01faa5b6a938603891f3b97b4
SHA512

976cb897a383fdbd719da6e494feb3e8c598a474f0414d23a4210266e7036ab8bfdef9e22bc3c70721c1cab93092d666d9cdac92f3105ab8d91acc64c7d6a705
SSDEEP

24576:1Yq2/9nnr5cDNsOQfKJL9ki1arPvi/cjaBYfv:mqaxyDC2JmSoPvikO8

Score

7^/10

Malware Config

Targets

- Target
  
  6a750ba2b76c20489dff1d0979461032_JaffaCakes118
- Size
  
  853KB
- MD5
  
  6a750ba2b76c20489dff1d0979461032
- SHA1
  
  db23f938443c5d22d84aebb9125d22f446d44f75
- SHA256
  
  5f9e4166bc107df49e10d7190b312c758e446cc01faa5b6a938603891f3b97b4
- SHA512
  
  976cb897a383fdbd719da6e494feb3e8c598a474f0414d23a4210266e7036ab8bfdef9e22bc3c70721c1cab93092d666d9cdac92f3105ab8d91acc64c7d6a705
- SSDEEP
  
  24576:1Yq2/9nnr5cDNsOQfKJL9ki1arPvi/cjaBYfv:mqaxyDC2JmSoPvikO8
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2