eec18896995a756f7c4f39914456d2fb6377584a62ad5604f191828efa341691 | Triage

Sharing

General

Target

32be55093b511a933e492973071a2156_JaffaCakes118
Size

772KB
Sample

240710-blws4axdjj
MD5

32be55093b511a933e492973071a2156
SHA1

9579941948add775b01ed1501e1a3f5a76e648ec
SHA256

eec18896995a756f7c4f39914456d2fb6377584a62ad5604f191828efa341691
SHA512

81a8691eb502b7765297306bb7bc6b5661f301a1d78981bbc451d093ec4c98339767366db396500f6e6543fd0ab565f79bd93c7bc2217291a78c25536f3de497
SSDEEP

12288:ZiMTzbr7IVwmpcTNTuzENNXRgRInBZqpzUF4AnjZnMei/SFfdYTQSiyWq8Aq:Mor0V6TNTuwj3qtURjZnli5k5yWq

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  32be55093b511a933e492973071a2156_JaffaCakes118
- Size
  
  772KB
- MD5
  
  32be55093b511a933e492973071a2156
- SHA1
  
  9579941948add775b01ed1501e1a3f5a76e648ec
- SHA256
  
  eec18896995a756f7c4f39914456d2fb6377584a62ad5604f191828efa341691
- SHA512
  
  81a8691eb502b7765297306bb7bc6b5661f301a1d78981bbc451d093ec4c98339767366db396500f6e6543fd0ab565f79bd93c7bc2217291a78c25536f3de497
- SSDEEP
  
  12288:ZiMTzbr7IVwmpcTNTuzENNXRgRInBZqpzUF4AnjZnMei/SFfdYTQSiyWq8Aq:Mor0V6TNTuwj3qtURjZnli5k5yWq
Score

7^/10

persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2