90936bc86b04e9bc031b7fed2da20f4a11fe4c8e56d6fe2334ca19bc8a2cd21d | Triage

Sharing

General

Target

4bc46ea32cc6aa981aa61eea536cadfd_JaffaCakes118
Size

178KB
Sample

240715-2wt1cstckn
MD5

4bc46ea32cc6aa981aa61eea536cadfd
SHA1

da7970c2e12d356d04fa67b1387136171c0fba56
SHA256

90936bc86b04e9bc031b7fed2da20f4a11fe4c8e56d6fe2334ca19bc8a2cd21d
SHA512

2dc73de21a171aa71add6e96f7c27b1c5b3d04c31bfc4e7b9e955a06b0197232f5c157866f00a5afb7b9a994337257bd51c815aa92eb4e426a8f3140855402a7
SSDEEP

3072:N6FRjdyvCVSxBeMtfPz4Wk27GysFrjmmvz+WkT4:EFRjEvCVSxBeMtfPz4W8rjmGsT4

Score

6^/10

Malware Config

Targets

- Target
  
  4bc46ea32cc6aa981aa61eea536cadfd_JaffaCakes118
- Size
  
  178KB
- MD5
  
  4bc46ea32cc6aa981aa61eea536cadfd
- SHA1
  
  da7970c2e12d356d04fa67b1387136171c0fba56
- SHA256
  
  90936bc86b04e9bc031b7fed2da20f4a11fe4c8e56d6fe2334ca19bc8a2cd21d
- SHA512
  
  2dc73de21a171aa71add6e96f7c27b1c5b3d04c31bfc4e7b9e955a06b0197232f5c157866f00a5afb7b9a994337257bd51c815aa92eb4e426a8f3140855402a7
- SSDEEP
  
  3072:N6FRjdyvCVSxBeMtfPz4Wk27GysFrjmmvz+WkT4:EFRjEvCVSxBeMtfPz4W8rjmGsT4
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2