742d689ec60e34f25c533305888fde480c54fa156527b31f2ef0da7296c8be3c | Triage

Sharing

General

Target

1ada622e8a800409684a951f3f3153a5_JaffaCakes118
Size

4.2MB
Sample

240701-lzaswsvdnd
MD5

1ada622e8a800409684a951f3f3153a5
SHA1

0563dc8321ded1b62aaae37a8320b4fce86c703c
SHA256

742d689ec60e34f25c533305888fde480c54fa156527b31f2ef0da7296c8be3c
SHA512

402ad58890608fa555547a84b56d4d2e489c5c822571c39bedae736055e61c9aa0471a0d8d208e1d05b7fdbbc54306af832d6f54aed0419635dca708ae611c77
SSDEEP

98304:9D4MycvG5b53ng42tmqUyxO6Ibcfc7bvdrObig0Fqe9ur98r:xLi7QO6IS2BObd0F0O

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  1ada622e8a800409684a951f3f3153a5_JaffaCakes118
- Size
  
  4.2MB
- MD5
  
  1ada622e8a800409684a951f3f3153a5
- SHA1
  
  0563dc8321ded1b62aaae37a8320b4fce86c703c
- SHA256
  
  742d689ec60e34f25c533305888fde480c54fa156527b31f2ef0da7296c8be3c
- SHA512
  
  402ad58890608fa555547a84b56d4d2e489c5c822571c39bedae736055e61c9aa0471a0d8d208e1d05b7fdbbc54306af832d6f54aed0419635dca708ae611c77
- SSDEEP
  
  98304:9D4MycvG5b53ng42tmqUyxO6Ibcfc7bvdrObig0Fqe9ur98r:xLi7QO6IS2BObd0F0O
Score

7^/10

persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2