47f3b4dac57ef21a84253ef888a836b5e5a126f3e1f33d40055a820adca4bf40 | Triage

Sharing

General

Target

0c3c8f8be75915b62546a16f8d080fdc_JaffaCakes118
Size

67KB
Sample

240625-dqyjlaxfpb
MD5

0c3c8f8be75915b62546a16f8d080fdc
SHA1

8e5fc6de15a8428a4ff37d73827223527400301b
SHA256

47f3b4dac57ef21a84253ef888a836b5e5a126f3e1f33d40055a820adca4bf40
SHA512

4e74cac75b198360ef3656b6c5c906774e6de72d6fd4e9b52de88c767888fcd67aeec58d2e87279c31989f1765a60fa10208a6d6e009e1050023b4b4f8085dac
SSDEEP

768:Jc588yB1RnUHXYuyBpVRFOrqpp1l1jKdfeRw7C9pWQNScYFWobO93JupQesBBkl:Js4B1RpVRwrcl8dD5MnYTOFJxBG

Score

6^/10

Malware Config

Targets

- Target
  
  0c3c8f8be75915b62546a16f8d080fdc_JaffaCakes118
- Size
  
  67KB
- MD5
  
  0c3c8f8be75915b62546a16f8d080fdc
- SHA1
  
  8e5fc6de15a8428a4ff37d73827223527400301b
- SHA256
  
  47f3b4dac57ef21a84253ef888a836b5e5a126f3e1f33d40055a820adca4bf40
- SHA512
  
  4e74cac75b198360ef3656b6c5c906774e6de72d6fd4e9b52de88c767888fcd67aeec58d2e87279c31989f1765a60fa10208a6d6e009e1050023b4b4f8085dac
- SSDEEP
  
  768:Jc588yB1RnUHXYuyBpVRFOrqpp1l1jKdfeRw7C9pWQNScYFWobO93JupQesBBkl:Js4B1RpVRwrcl8dD5MnYTOFJxBG
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2