General

  • Target

    95fd484596f1572682f266487a343b25_JaffaCakes118

  • Size

    4.7MB

  • Sample

    240604-x5nsgshf37

  • MD5

    95fd484596f1572682f266487a343b25

  • SHA1

    0e1a5f7d475cd367e80852adce8945ed9a3cfb51

  • SHA256

    ea5e68d74db3657f0b61c7e14740951bc051beb7364442094174b5a2d3778868

  • SHA512

    1b47212546795ea7f4070e556cbe32be00aa7fb4539e26a2dd33a17fe23db7b49f162f07acf4ecc64497e57add754a88ba062b1fb27a1eaac006f5ecf717003c

  • SSDEEP

    98304:Tl88udp4A2evUNGnVuUwGLVWy0/OQmjmUah6rpHD9:yzDiNyiXfGDv3

Score
7/10

Malware Config

Targets

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks