ccbde413a1b675fbf1d5fa0c628312c2abd9609ab0055e1174fbe13c5e04dae5 | Triage

Sharing

General

Target

4566a0335e88e607bdc80854bd7c18b8_JaffaCakes118
Size

1.2MB
Sample

240714-md5a2swflr
MD5

4566a0335e88e607bdc80854bd7c18b8
SHA1

67776f23067b094919e2649678efab9ea5561741
SHA256

ccbde413a1b675fbf1d5fa0c628312c2abd9609ab0055e1174fbe13c5e04dae5
SHA512

b9bb4a358056a9c4592ebf038c203ab9ea8435d0d08f90724edfa156e4b668530942ce425d9b5961122212e167e5eb9a5d2b51b2647984a66fc80dcc1fc1ae03
SSDEEP

24576:wHshkdggBuYDi92N5ffXfVjFUJwmNOHdwcpBeCrYu0xH4erIWBHEQMV/XMO67Y/:P6NTc2fftjYnYM0YV4U2tB

Score

7^/10

evasion

Malware Config

Targets

- Target
  
  4566a0335e88e607bdc80854bd7c18b8_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  4566a0335e88e607bdc80854bd7c18b8
- SHA1
  
  67776f23067b094919e2649678efab9ea5561741
- SHA256
  
  ccbde413a1b675fbf1d5fa0c628312c2abd9609ab0055e1174fbe13c5e04dae5
- SHA512
  
  b9bb4a358056a9c4592ebf038c203ab9ea8435d0d08f90724edfa156e4b668530942ce425d9b5961122212e167e5eb9a5d2b51b2647984a66fc80dcc1fc1ae03
- SSDEEP
  
  24576:wHshkdggBuYDi92N5ffXfVjFUJwmNOHdwcpBeCrYu0xH4erIWBHEQMV/XMO67Y/:P6NTc2fftjYnYM0YV4U2tB
Score

7^/10

evasion
- Executes dropped EXE
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2