5c5ede3a7d1813937f9dcd3b537b5296aab6794cc75df62bd87891fbbc94ebca | Triage

Sharing

General

Target

3d75ad0018829ffe5dab447241f318ad_JaffaCakes118
Size

254KB
Sample

240712-p5axmathpl
MD5

3d75ad0018829ffe5dab447241f318ad
SHA1

55cbb6228565eef22c119a3a33b949e979789387
SHA256

5c5ede3a7d1813937f9dcd3b537b5296aab6794cc75df62bd87891fbbc94ebca
SHA512

3a50a8c527ef1164c8bda7666c7f3f0a585b5d0df90130790a61aaf09c40088152b99fe1e02242d792d170bbde96713e84737de4ade4e53c54091ce5635f740e
SSDEEP

6144:3sHRkGY6pkH1X0ZMgnr+97yVp50mrCdue0LI8G1/g1Z:cHu72kH1X4nrhrKmrReof1Z

Score

6^/10

Malware Config

Targets

- Target
  
  3d75ad0018829ffe5dab447241f318ad_JaffaCakes118
- Size
  
  254KB
- MD5
  
  3d75ad0018829ffe5dab447241f318ad
- SHA1
  
  55cbb6228565eef22c119a3a33b949e979789387
- SHA256
  
  5c5ede3a7d1813937f9dcd3b537b5296aab6794cc75df62bd87891fbbc94ebca
- SHA512
  
  3a50a8c527ef1164c8bda7666c7f3f0a585b5d0df90130790a61aaf09c40088152b99fe1e02242d792d170bbde96713e84737de4ade4e53c54091ce5635f740e
- SSDEEP
  
  6144:3sHRkGY6pkH1X0ZMgnr+97yVp50mrCdue0LI8G1/g1Z:cHu72kH1X4nrhrKmrReof1Z
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2