2baf674617dad9ceb659a5862633d5069c2e2ebe14fbf6ed7060ca39554c8c40 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c48ceb115874b526a93e4375508911e_JaffaCakes118
Size

588KB
Sample

240602-ak8ktscf43
MD5

8c48ceb115874b526a93e4375508911e
SHA1

fc734f347c56db05e4506f52bc27bdf4724fbc21
SHA256

2baf674617dad9ceb659a5862633d5069c2e2ebe14fbf6ed7060ca39554c8c40
SHA512

f70da44582dbac001518a321479218c5d686e5c772f13a0507a11805519027a70595fd5b1e4c0b531198b7ddbbaa5ad1de56110306888e974a2e5e69548ab268
SSDEEP

12288:nXznQ+bCxWrUhLZvzC/igEhrNA9SNwyrYAmyhIna3PiGpYh7jA:KgIh0/iLhrekeKYAl4RNA

Score

7^/10

Malware Config

Targets

- Target
  
  8c48ceb115874b526a93e4375508911e_JaffaCakes118
- Size
  
  588KB
- MD5
  
  8c48ceb115874b526a93e4375508911e
- SHA1
  
  fc734f347c56db05e4506f52bc27bdf4724fbc21
- SHA256
  
  2baf674617dad9ceb659a5862633d5069c2e2ebe14fbf6ed7060ca39554c8c40
- SHA512
  
  f70da44582dbac001518a321479218c5d686e5c772f13a0507a11805519027a70595fd5b1e4c0b531198b7ddbbaa5ad1de56110306888e974a2e5e69548ab268
- SSDEEP
  
  12288:nXznQ+bCxWrUhLZvzC/igEhrNA9SNwyrYAmyhIna3PiGpYh7jA:KgIh0/iLhrekeKYAl4RNA
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2