8d6e514aeadc2b07c783ac2269e0228eebf0a4f97e095299b190f2d33820b461 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b03cdc76fda8ca402cb642635da06fcd_JaffaCakes118
Size

431KB
Sample

240615-1kfsxszbkp
MD5

b03cdc76fda8ca402cb642635da06fcd
SHA1

b6fabf59f09047ce6562afe92c9f1355ec481855
SHA256

8d6e514aeadc2b07c783ac2269e0228eebf0a4f97e095299b190f2d33820b461
SHA512

a8c27994634527d2f611340c3c4e6b7a79407817d302da651f9580d76a9e1957e11e8066b54c80102038fd5d639a0e7ab1c887b02e4e46c9ca9c5f1bc422edf2
SSDEEP

6144:bmgTw2Q+RjirTqM7dZ2QjwN/KTLbd7F0HPLFDTFTg33KRcL4YBGUu:bbw2Q+Rjg+4ZsNiTLRGLF1Tg33qcs

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  b03cdc76fda8ca402cb642635da06fcd_JaffaCakes118
- Size
  
  431KB
- MD5
  
  b03cdc76fda8ca402cb642635da06fcd
- SHA1
  
  b6fabf59f09047ce6562afe92c9f1355ec481855
- SHA256
  
  8d6e514aeadc2b07c783ac2269e0228eebf0a4f97e095299b190f2d33820b461
- SHA512
  
  a8c27994634527d2f611340c3c4e6b7a79407817d302da651f9580d76a9e1957e11e8066b54c80102038fd5d639a0e7ab1c887b02e4e46c9ca9c5f1bc422edf2
- SSDEEP
  
  6144:bmgTw2Q+RjirTqM7dZ2QjwN/KTLbd7F0HPLFDTFTg33KRcL4YBGUu:bbw2Q+Rjg+4ZsNiTLRGLF1Tg33qcs
Score

9^/10

evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2