b16f8fb89dc9029841ab5b7ace8964f4c6d1dfef025f061f7c126e712964f3c3 | Triage

Sharing

General

Target

6bdd2eb674574bddc82a77bd4c7c798b_JaffaCakes118
Size

1.1MB
Sample

240523-w3nh9sbg95
MD5

6bdd2eb674574bddc82a77bd4c7c798b
SHA1

7f2c61c95666838a02c7b7dcd726556b7d886ffc
SHA256

b16f8fb89dc9029841ab5b7ace8964f4c6d1dfef025f061f7c126e712964f3c3
SHA512

9c9bc529482c0643c401232b07d22dd4648da487c744999284525f71ef73f2edc392d8a1de95249835de6e15cadd01d9d4c9584f70bb20300338abba7b9ba355
SSDEEP

24576:tYnP0MeimjbF1kpyj60g1nR79/gMx2KQd:tCP0Jn39jURBoQdQ

Score

7^/10

Malware Config

Targets

- Target
  
  6bdd2eb674574bddc82a77bd4c7c798b_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  6bdd2eb674574bddc82a77bd4c7c798b
- SHA1
  
  7f2c61c95666838a02c7b7dcd726556b7d886ffc
- SHA256
  
  b16f8fb89dc9029841ab5b7ace8964f4c6d1dfef025f061f7c126e712964f3c3
- SHA512
  
  9c9bc529482c0643c401232b07d22dd4648da487c744999284525f71ef73f2edc392d8a1de95249835de6e15cadd01d9d4c9584f70bb20300338abba7b9ba355
- SSDEEP
  
  24576:tYnP0MeimjbF1kpyj60g1nR79/gMx2KQd:tCP0Jn39jURBoQdQ
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2