General

  • Target

    a48cfef0f5c95921418424b865f24a12_JaffaCakes118

  • Size

    853KB

  • Sample

    240613-jzhgmavajm

  • MD5

    a48cfef0f5c95921418424b865f24a12

  • SHA1

    44f891bab714d96801560d9b026b33b7b45140e3

  • SHA256

    4cdd50d258f759d35b6b81f5f9fb6a6d1064b15c596bb68569b5e4037da3bdf9

  • SHA512

    d718bdf715f14218af3ca2078c49f7ad10a98ef4c1bbf12361140b6f20c35de10482809f600894d23ef7658a5641248b92592e1a46f09608dfdc6e4e7e2eb191

  • SSDEEP

    24576:1Yq2/9nnr5cDNsOQfKJL9ki1arPvi/cjaBYfv6:mqaxyDC2JmSoPvikO86

Score
7/10

Targets

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Loads dropped DLL

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext
