8e73033beb4ad6dd7bd081105edc933161a1cc1939e8a692210045fd5dcc1004 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6feaf1c6ec81cef8988d13dd164094bd_JaffaCakes118
Size

853KB
Sample

240524-1tdd6acg54
MD5

6feaf1c6ec81cef8988d13dd164094bd
SHA1

43c6866fc1c746916e159df753158ed5cdfa9d86
SHA256

8e73033beb4ad6dd7bd081105edc933161a1cc1939e8a692210045fd5dcc1004
SHA512

6ecb73943a50e5814f1a217fea562d09142ec05bd4045832d2ed9bf052f43c604c485465b0d05b80d8cf88b98dee18af57b31cad6af61bc578110f8cd0ad560f
SSDEEP

24576:1Yq2/9nnr5cDNsOQfKJL9ki1arPvi/cjaBYfv:mqaxyDC2JmSoPvikO8

Score

7^/10

Malware Config

Targets

- Target
  
  6feaf1c6ec81cef8988d13dd164094bd_JaffaCakes118
- Size
  
  853KB
- MD5
  
  6feaf1c6ec81cef8988d13dd164094bd
- SHA1
  
  43c6866fc1c746916e159df753158ed5cdfa9d86
- SHA256
  
  8e73033beb4ad6dd7bd081105edc933161a1cc1939e8a692210045fd5dcc1004
- SHA512
  
  6ecb73943a50e5814f1a217fea562d09142ec05bd4045832d2ed9bf052f43c604c485465b0d05b80d8cf88b98dee18af57b31cad6af61bc578110f8cd0ad560f
- SSDEEP
  
  24576:1Yq2/9nnr5cDNsOQfKJL9ki1arPvi/cjaBYfv:mqaxyDC2JmSoPvikO8
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2