1806919c5391d92f748bbe1a6a2315abbe7364594a12c1696f4475f9f43342bd | Triage

Sharing

General

Target

39a320263c23908850097c1d43ba27d9_JaffaCakes118
Size

2.4MB
Sample

240711-sjyncathma
MD5

39a320263c23908850097c1d43ba27d9
SHA1

5bfafe46d10813c227a9771da7bf114b46ec74af
SHA256

1806919c5391d92f748bbe1a6a2315abbe7364594a12c1696f4475f9f43342bd
SHA512

f6ef8b2efc8a26cf178ecc8ce754362c4802ebf9d259efa53844b1ee79e0a28930bb2ea852c997e35d70d615a7aa6ff68301039f347c06839cb3d28ce025d292
SSDEEP

49152:vbk3LpvzmFjmZgkmALxIW8u8+v8Vv5GLtZF:0zkjmw0xT8ulvMxGRj

Score

7^/10

evasion

Malware Config

Targets

- Target
  
  39a320263c23908850097c1d43ba27d9_JaffaCakes118
- Size
  
  2.4MB
- MD5
  
  39a320263c23908850097c1d43ba27d9
- SHA1
  
  5bfafe46d10813c227a9771da7bf114b46ec74af
- SHA256
  
  1806919c5391d92f748bbe1a6a2315abbe7364594a12c1696f4475f9f43342bd
- SHA512
  
  f6ef8b2efc8a26cf178ecc8ce754362c4802ebf9d259efa53844b1ee79e0a28930bb2ea852c997e35d70d615a7aa6ff68301039f347c06839cb3d28ce025d292
- SSDEEP
  
  49152:vbk3LpvzmFjmZgkmALxIW8u8+v8Vv5GLtZF:0zkjmw0xT8ulvMxGRj
Score

7^/10

evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2