0cab0e64e6ef5ac1042dbec21708324aeed185a0dd9a81300fea31f187d3e924 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7912c3674e1948acc6502d19cb04adae_JaffaCakes118
Size

1.1MB
Sample

240527-n4nlnaaf4s
MD5

7912c3674e1948acc6502d19cb04adae
SHA1

e133947993cfdcff800bdcd1d369f7c4ddb47200
SHA256

0cab0e64e6ef5ac1042dbec21708324aeed185a0dd9a81300fea31f187d3e924
SHA512

4bfb2087a54c7450de0047df161a8f98dc693cf6adc26142b2183368167a469a66bbfa53717caeac4984b240483e9ea170e3ef8d44d85501697a117881d095f7
SSDEEP

24576:tYnP0MeimjbF1kpyj60g1nR79/gMx2KQdl:tCP0Jn39jURBoQdQL

Score

7^/10

Malware Config

Targets

- Target
  
  7912c3674e1948acc6502d19cb04adae_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  7912c3674e1948acc6502d19cb04adae
- SHA1
  
  e133947993cfdcff800bdcd1d369f7c4ddb47200
- SHA256
  
  0cab0e64e6ef5ac1042dbec21708324aeed185a0dd9a81300fea31f187d3e924
- SHA512
  
  4bfb2087a54c7450de0047df161a8f98dc693cf6adc26142b2183368167a469a66bbfa53717caeac4984b240483e9ea170e3ef8d44d85501697a117881d095f7
- SSDEEP
  
  24576:tYnP0MeimjbF1kpyj60g1nR79/gMx2KQdl:tCP0Jn39jURBoQdQL
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2