1818b1d5dfe20074745e0ae145c6f0effd36d47cd801a542db671c9d818a1f5e | Triage

Sharing

General

Target

2e525fd12fa205bfcf3e31a2e8cc4a33_JaffaCakes118
Size

752KB
Sample

240709-afag8sycrg
MD5

2e525fd12fa205bfcf3e31a2e8cc4a33
SHA1

bde0774c70287f199e6e648a273c17d54c6d3c51
SHA256

1818b1d5dfe20074745e0ae145c6f0effd36d47cd801a542db671c9d818a1f5e
SHA512

10548a293d75c3fe61d0cfe7155f4ae758ebbe3c31f6a4dd6537b211053c55266f9921b933a95084e6a7e9d2bb02354de39ddee09fe8e10ee53c38bc492dd1ad
SSDEEP

12288:N//76GGDtNFp7PTzvHq1NNfr2RInBZqpzUF4AnjZnMei/SFfdYTQq5BeXBWV:x/vGDt9TzvHqH5pqtURjZnli5kAwRWV

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  2e525fd12fa205bfcf3e31a2e8cc4a33_JaffaCakes118
- Size
  
  752KB
- MD5
  
  2e525fd12fa205bfcf3e31a2e8cc4a33
- SHA1
  
  bde0774c70287f199e6e648a273c17d54c6d3c51
- SHA256
  
  1818b1d5dfe20074745e0ae145c6f0effd36d47cd801a542db671c9d818a1f5e
- SHA512
  
  10548a293d75c3fe61d0cfe7155f4ae758ebbe3c31f6a4dd6537b211053c55266f9921b933a95084e6a7e9d2bb02354de39ddee09fe8e10ee53c38bc492dd1ad
- SSDEEP
  
  12288:N//76GGDtNFp7PTzvHq1NNfr2RInBZqpzUF4AnjZnMei/SFfdYTQq5BeXBWV:x/vGDt9TzvHqH5pqtURjZnli5kAwRWV
Score

10^/10

evasion
- Modifies security service
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2