5ef41a50cf3880f1aa7704bfb66544b5732717324ba5486e2dc04fc0d6aaa7fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08803cc0b3c76671d211782c4bfad220_JaffaCakes118
Size

912KB
Sample

240624-pmv5vavhpk
MD5

08803cc0b3c76671d211782c4bfad220
SHA1

2234ba9ca0fb26c19aa25192c1fd2c32d9c9dc06
SHA256

5ef41a50cf3880f1aa7704bfb66544b5732717324ba5486e2dc04fc0d6aaa7fa
SHA512

53656399249b4bd285af101e0a041e55361ad3f04577f7db5d24f1ec2a7f4e417d788711f04b79bd24295bf6473d21957d495c060529a8b07003e34efb8be66a
SSDEEP

12288:JIrzktZ1uHcvV1NNfUTrU1P68U18MlL9dkg2eNqG1ssMBi+Ve565MjVb/hEfCUqm:qXs1uHMVHmTrcERh1ngVch7Jkvq6

Score

8^/10

Malware Config

Targets

- Target
  
  08803cc0b3c76671d211782c4bfad220_JaffaCakes118
- Size
  
  912KB
- MD5
  
  08803cc0b3c76671d211782c4bfad220
- SHA1
  
  2234ba9ca0fb26c19aa25192c1fd2c32d9c9dc06
- SHA256
  
  5ef41a50cf3880f1aa7704bfb66544b5732717324ba5486e2dc04fc0d6aaa7fa
- SHA512
  
  53656399249b4bd285af101e0a041e55361ad3f04577f7db5d24f1ec2a7f4e417d788711f04b79bd24295bf6473d21957d495c060529a8b07003e34efb8be66a
- SSDEEP
  
  12288:JIrzktZ1uHcvV1NNfUTrU1P68U18MlL9dkg2eNqG1ssMBi+Ve565MjVb/hEfCUqm:qXs1uHMVHmTrcERh1ngVch7Jkvq6
Score

8^/10
- Drops file in Drivers directory
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2