9a3a657c8e009c292e9e065ad85c517ddb29e89833ca904589d6cc97495e1ab2 | Triage

Sharing

General

Target

94ffe96b6b1f04fb54185d5a7aa0f721_JaffaCakes118
Size

853KB
Sample

240604-qmrm4ahd99
MD5

94ffe96b6b1f04fb54185d5a7aa0f721
SHA1

66057c1f55d873e2d61a41f93eac16e6f6059aa9
SHA256

9a3a657c8e009c292e9e065ad85c517ddb29e89833ca904589d6cc97495e1ab2
SHA512

e19e1f6be3613565af677eee7a66d729e549f5dd4fdbbc55d27744dac759eec85473845594b2714efe6cefc4ebb0135e0d3a3e5605e318407261296265adfc7b
SSDEEP

24576:1Yq2/9nnr5cDNsOQfKJL9ki1arPvi/cjaBYfv:mqaxyDC2JmSoPvikO8

Score

7^/10

Malware Config

Targets

- Target
  
  94ffe96b6b1f04fb54185d5a7aa0f721_JaffaCakes118
- Size
  
  853KB
- MD5
  
  94ffe96b6b1f04fb54185d5a7aa0f721
- SHA1
  
  66057c1f55d873e2d61a41f93eac16e6f6059aa9
- SHA256
  
  9a3a657c8e009c292e9e065ad85c517ddb29e89833ca904589d6cc97495e1ab2
- SHA512
  
  e19e1f6be3613565af677eee7a66d729e549f5dd4fdbbc55d27744dac759eec85473845594b2714efe6cefc4ebb0135e0d3a3e5605e318407261296265adfc7b
- SSDEEP
  
  24576:1Yq2/9nnr5cDNsOQfKJL9ki1arPvi/cjaBYfv:mqaxyDC2JmSoPvikO8
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2