74c24599d5eae5bccc74bd1d7ddadc86b1f5dd11d83f3d0367f4e15744a2ea25 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f618ae55b335f2a916b747503a39c58_JaffaCakes118
Size

660KB
Sample

240712-3yz5tswfnn
MD5

3f618ae55b335f2a916b747503a39c58
SHA1

1d8e19c16c4c1c7af8c38bd4ea4f1c9687e41129
SHA256

74c24599d5eae5bccc74bd1d7ddadc86b1f5dd11d83f3d0367f4e15744a2ea25
SHA512

b8b0c2e67b99ed459c0b9a79272783aef3f2936600db2e22bc08a2c96f562c038825483562456b43d394f3696843de9435a887664e5d0060d32af123c99ede96
SSDEEP

12288:vc4HfCyyq3+zhw/9vhsHum8WGn8TNNtXAd/cYbQQNWQvviR1qxYNpl/RF0k3hf1:04HfCHqDsOD16fQyiQQNN3iR1n7HNhf1

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3f618ae55b335f2a916b747503a39c58_JaffaCakes118
- Size
  
  660KB
- MD5
  
  3f618ae55b335f2a916b747503a39c58
- SHA1
  
  1d8e19c16c4c1c7af8c38bd4ea4f1c9687e41129
- SHA256
  
  74c24599d5eae5bccc74bd1d7ddadc86b1f5dd11d83f3d0367f4e15744a2ea25
- SHA512
  
  b8b0c2e67b99ed459c0b9a79272783aef3f2936600db2e22bc08a2c96f562c038825483562456b43d394f3696843de9435a887664e5d0060d32af123c99ede96
- SSDEEP
  
  12288:vc4HfCyyq3+zhw/9vhsHum8WGn8TNNtXAd/cYbQQNWQvviR1qxYNpl/RF0k3hf1:04HfCHqDsOD16fQyiQQNN3iR1n7HNhf1
Score

7^/10

persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2