f9763c9be7f4bf24fa12f85741a843d8c44c1e80ad2d9332e69c34fc121b90fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16a2eae1a9a0d36c8b11f2464960032d_JaffaCakes118
Size

21KB
Sample

240627-tkhtysygkg
MD5

16a2eae1a9a0d36c8b11f2464960032d
SHA1

7b5aaacd9adadb03f0a79ab0a6eccc49178df228
SHA256

f9763c9be7f4bf24fa12f85741a843d8c44c1e80ad2d9332e69c34fc121b90fc
SHA512

224cb497cfa9b3a14ccc82decdd9ccccaf0b1b9ac0b37d2c01f02518b9f755d00d484825312d449dc023a85edd2fe28fe3e18940dc0c115f48b8539bbf505722
SSDEEP

384:LomKRSeLRAyMNRZQWa9DrkKwx72H2xSGjY6j365fVr4HR9AauKedDdc:LobLRAyGUDgKwxCWks3gtUHx

Score

10^/10

Malware Config

Extracted

Credentials

Protocol: ftp
Host:
parapadada.aiq.ru
Port:
21
Username:
u405331
Password:
2uwbi2of

Targets

- Target
  
  16a2eae1a9a0d36c8b11f2464960032d_JaffaCakes118
- Size
  
  21KB
- MD5
  
  16a2eae1a9a0d36c8b11f2464960032d
- SHA1
  
  7b5aaacd9adadb03f0a79ab0a6eccc49178df228
- SHA256
  
  f9763c9be7f4bf24fa12f85741a843d8c44c1e80ad2d9332e69c34fc121b90fc
- SHA512
  
  224cb497cfa9b3a14ccc82decdd9ccccaf0b1b9ac0b37d2c01f02518b9f755d00d484825312d449dc023a85edd2fe28fe3e18940dc0c115f48b8539bbf505722
- SSDEEP
  
  384:LomKRSeLRAyMNRZQWa9DrkKwx72H2xSGjY6j365fVr4HR9AauKedDdc:LobLRAyGUDgKwxCWks3gtUHx
Score

10^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2