9e9279746c647b866c4d0a49857541cc29029f4af51c7d7ce3bee9ff1e521807 | Triage

Sharing

General

Target

05789264712317621a7884b6be00e612_JaffaCakes118
Size

185KB
Sample

240620-nbdkzsycpm
MD5

05789264712317621a7884b6be00e612
SHA1

4958ccbe87dd8ef95e18748ddfd78054d4645a59
SHA256

9e9279746c647b866c4d0a49857541cc29029f4af51c7d7ce3bee9ff1e521807
SHA512

db451776d3e8a7f20f5c7a06cc6312a80a3128b5c5ea1fa391f31bfd8b2e33cb2357248d1f3cbf0799421b549e04479835f4bdbab5b389841ebfbab2d419214a
SSDEEP

1536:KKQuCwj//LIlk+gSz5B2ATQrnkAXcPI0JR86liNcCcGd9xKQNblHRi/mE+EXWD6J:QmDSz5BZycv8mqdNl0/mEPXWDuV+RDq

Score

6^/10

Malware Config

Targets

- Target
  
  05789264712317621a7884b6be00e612_JaffaCakes118
- Size
  
  185KB
- MD5
  
  05789264712317621a7884b6be00e612
- SHA1
  
  4958ccbe87dd8ef95e18748ddfd78054d4645a59
- SHA256
  
  9e9279746c647b866c4d0a49857541cc29029f4af51c7d7ce3bee9ff1e521807
- SHA512
  
  db451776d3e8a7f20f5c7a06cc6312a80a3128b5c5ea1fa391f31bfd8b2e33cb2357248d1f3cbf0799421b549e04479835f4bdbab5b389841ebfbab2d419214a
- SSDEEP
  
  1536:KKQuCwj//LIlk+gSz5B2ATQrnkAXcPI0JR86liNcCcGd9xKQNblHRi/mE+EXWD6J:QmDSz5BZycv8mqdNl0/mEPXWDuV+RDq
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2