8c5ff5704a0076f15dcfd35860952baa6f4e96e049e496b4a697270a0fdc6a16 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7c59b4ad72ae2225c3f67e351aaf0f92_JaffaCakes118
Size

853KB
Sample

240528-kkk5mscg8x
MD5

7c59b4ad72ae2225c3f67e351aaf0f92
SHA1

e577f5a7110ac2ad92133f9296737f51d64f5bdf
SHA256

8c5ff5704a0076f15dcfd35860952baa6f4e96e049e496b4a697270a0fdc6a16
SHA512

2cd4bfad9fa3973658e27747f0890e0ba0b0964efcb9ff070417bdb7eb4d94fba0a6657203ba1c7f8b501fa8a5971a8f0b2cc2e7c925ffd6d6a29d1141f4e6a0
SSDEEP

24576:1Yq2/9nnr5cDNsOQfKJL9ki1arPvi/cjaBYfv:mqaxyDC2JmSoPvikO8

Score

7^/10

Malware Config

Targets

- Target
  
  7c59b4ad72ae2225c3f67e351aaf0f92_JaffaCakes118
- Size
  
  853KB
- MD5
  
  7c59b4ad72ae2225c3f67e351aaf0f92
- SHA1
  
  e577f5a7110ac2ad92133f9296737f51d64f5bdf
- SHA256
  
  8c5ff5704a0076f15dcfd35860952baa6f4e96e049e496b4a697270a0fdc6a16
- SHA512
  
  2cd4bfad9fa3973658e27747f0890e0ba0b0964efcb9ff070417bdb7eb4d94fba0a6657203ba1c7f8b501fa8a5971a8f0b2cc2e7c925ffd6d6a29d1141f4e6a0
- SSDEEP
  
  24576:1Yq2/9nnr5cDNsOQfKJL9ki1arPvi/cjaBYfv:mqaxyDC2JmSoPvikO8
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2