73c65dfa67b61fd31bc3a58da5c919e60bcaffe66e3b8dc3710c085dac272830 | Triage

Sharing

General

Target

3c55af3c92b682b83773ef3a99281f7c_JaffaCakes118
Size

660KB
Sample

240712-hefxmasdjk
MD5

3c55af3c92b682b83773ef3a99281f7c
SHA1

2ae250bd641fee2cb6736da37a1a329ac2f0bbd9
SHA256

73c65dfa67b61fd31bc3a58da5c919e60bcaffe66e3b8dc3710c085dac272830
SHA512

935783d7b0c520925a72389e1b43af3d7a1cb337f0f70a2fe80f0b2ec4dbccae54250c985da7f2bd74e783594c6dbe90d8d5aaa4e7da1533e7a4522b3847f950
SSDEEP

12288:rkoICAa5jUPa9ZDNNSBZpkJqRl7k86fpgBDDJrS7LE9HTFIUYVRSs5KHwY:IoICAsjVRmsJS7kF6lDJqLGT4RSsk

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3c55af3c92b682b83773ef3a99281f7c_JaffaCakes118
- Size
  
  660KB
- MD5
  
  3c55af3c92b682b83773ef3a99281f7c
- SHA1
  
  2ae250bd641fee2cb6736da37a1a329ac2f0bbd9
- SHA256
  
  73c65dfa67b61fd31bc3a58da5c919e60bcaffe66e3b8dc3710c085dac272830
- SHA512
  
  935783d7b0c520925a72389e1b43af3d7a1cb337f0f70a2fe80f0b2ec4dbccae54250c985da7f2bd74e783594c6dbe90d8d5aaa4e7da1533e7a4522b3847f950
- SSDEEP
  
  12288:rkoICAa5jUPa9ZDNNSBZpkJqRl7k86fpgBDDJrS7LE9HTFIUYVRSs5KHwY:IoICAsjVRmsJS7kF6lDJqLGT4RSsk
Score

7^/10

persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2