738e63e9d387a2d62c284129eb8c47cf68e0af27b6616186baa6decb9511f3f8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a87cdb72c7993fcd2f90d050c6f05baf_JaffaCakes118
Size

588KB
Sample

240614-h4jd2stcrq
MD5

a87cdb72c7993fcd2f90d050c6f05baf
SHA1

9545373e034bc621315dfc40a7027d8c1467107c
SHA256

738e63e9d387a2d62c284129eb8c47cf68e0af27b6616186baa6decb9511f3f8
SHA512

bc02c99cca16fbfadafd6238a6bbff12cc4857f10efcae537f1df8b076c97a64af73d94cd4450fa3cc46169d47029bc641f929029d613e70cdd3ee5b0f2b3450
SSDEEP

12288:HXznQ+bCxWrUhLZvzC/igEhrNA9SNwyrYAmyhIna3PiGpYh7jY:qgIh0/iLhrekeKYAl4RNY

Score

7^/10

Malware Config

Targets

- Target
  
  a87cdb72c7993fcd2f90d050c6f05baf_JaffaCakes118
- Size
  
  588KB
- MD5
  
  a87cdb72c7993fcd2f90d050c6f05baf
- SHA1
  
  9545373e034bc621315dfc40a7027d8c1467107c
- SHA256
  
  738e63e9d387a2d62c284129eb8c47cf68e0af27b6616186baa6decb9511f3f8
- SHA512
  
  bc02c99cca16fbfadafd6238a6bbff12cc4857f10efcae537f1df8b076c97a64af73d94cd4450fa3cc46169d47029bc641f929029d613e70cdd3ee5b0f2b3450
- SSDEEP
  
  12288:HXznQ+bCxWrUhLZvzC/igEhrNA9SNwyrYAmyhIna3PiGpYh7jY:qgIh0/iLhrekeKYAl4RNY
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2