f1c768a2ff0a684871f62d9cff1c43697dae3350c64124f5b9e5ec0aa98444d4 | Triage

Sharing

General

Target

5c20a9ee81cf2304c426e1f561ed710d_JaffaCakes118
Size

130KB
Sample

240719-qptkgatbqn
MD5

5c20a9ee81cf2304c426e1f561ed710d
SHA1

1b27fc87d037769e76b35f63507884c1e31a0c0a
SHA256

f1c768a2ff0a684871f62d9cff1c43697dae3350c64124f5b9e5ec0aa98444d4
SHA512

b0c671e9c1139a1910e32cfae71faaa8ebe3190c5321f6038278966a82953aa538c2bf2c5cac104fddb7f1fd805555b0b029970f5f757ef727c342350e21624e
SSDEEP

3072:i2abddVBGtdFxyb5InOjRD9P6YG7OTBQbyDi:iVbvVMnNOdp6f8i

Score

7^/10

Malware Config

Targets

- Target
  
  5c20a9ee81cf2304c426e1f561ed710d_JaffaCakes118
- Size
  
  130KB
- MD5
  
  5c20a9ee81cf2304c426e1f561ed710d
- SHA1
  
  1b27fc87d037769e76b35f63507884c1e31a0c0a
- SHA256
  
  f1c768a2ff0a684871f62d9cff1c43697dae3350c64124f5b9e5ec0aa98444d4
- SHA512
  
  b0c671e9c1139a1910e32cfae71faaa8ebe3190c5321f6038278966a82953aa538c2bf2c5cac104fddb7f1fd805555b0b029970f5f757ef727c342350e21624e
- SSDEEP
  
  3072:i2abddVBGtdFxyb5InOjRD9P6YG7OTBQbyDi:iVbvVMnNOdp6f8i
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2