11c516c2efccd1f746ca59c497c3fe899ccc709fe1807d63c769fea5c50e6f67 | Triage

Sharing

General

Target

ab7c895c92a1d9acbf01616fefcad3fd_JaffaCakes118
Size

520KB
Sample

240614-z1ys1azdrm
MD5

ab7c895c92a1d9acbf01616fefcad3fd
SHA1

3197dce3de999ec30cf5e3edf5e22ad55cb871bc
SHA256

11c516c2efccd1f746ca59c497c3fe899ccc709fe1807d63c769fea5c50e6f67
SHA512

dfba3e8f7fc085b12bed0a60e3191c711b4453c1d17e019ab15836a6a2336433c132bf3f15b5461f0514da8db9c9f8db11702270fa02b99ee9ac8363e2acbecd
SSDEEP

12288:bL7GuyK/RFuWzlbyCCVUVrvet55WaVwzOFd2RnKLbNaQ/CX2xVkNKf:vXyidzJynUVc5YaiOGRKXNCuGNKf

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ab7c895c92a1d9acbf01616fefcad3fd_JaffaCakes118
- Size
  
  520KB
- MD5
  
  ab7c895c92a1d9acbf01616fefcad3fd
- SHA1
  
  3197dce3de999ec30cf5e3edf5e22ad55cb871bc
- SHA256
  
  11c516c2efccd1f746ca59c497c3fe899ccc709fe1807d63c769fea5c50e6f67
- SHA512
  
  dfba3e8f7fc085b12bed0a60e3191c711b4453c1d17e019ab15836a6a2336433c132bf3f15b5461f0514da8db9c9f8db11702270fa02b99ee9ac8363e2acbecd
- SSDEEP
  
  12288:bL7GuyK/RFuWzlbyCCVUVrvet55WaVwzOFd2RnKLbNaQ/CX2xVkNKf:vXyidzJynUVc5YaiOGRKXNCuGNKf
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2