de05fd355951e693afe7d008bf5cfffa83a616e2df78a91649ac456b47b6b718 | Triage

Sharing

General

Target

7602b8cf2b5d802c0a1608b63d9504c8_JaffaCakes118
Size

3.0MB
Sample

240726-2gvy4sygjr
MD5

7602b8cf2b5d802c0a1608b63d9504c8
SHA1

854060edd6af86f7aca34b298173ebb4ba3156f1
SHA256

de05fd355951e693afe7d008bf5cfffa83a616e2df78a91649ac456b47b6b718
SHA512

530f9181061be689dc9a3281bd509235af3a9023151df50e1b981d2a0be33f5b325b7ad1089d07cd945bc2ee913b669d8068771e558094a3e8036fd145a392dc
SSDEEP

98304:bLOOS5P8u+aBOG7bj560qqd0JaxK75GkOOvLAe+S2Qodl:bLOVD+Wv3j5Hqqd0JaxUxvLADnQob

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  7602b8cf2b5d802c0a1608b63d9504c8_JaffaCakes118
- Size
  
  3.0MB
- MD5
  
  7602b8cf2b5d802c0a1608b63d9504c8
- SHA1
  
  854060edd6af86f7aca34b298173ebb4ba3156f1
- SHA256
  
  de05fd355951e693afe7d008bf5cfffa83a616e2df78a91649ac456b47b6b718
- SHA512
  
  530f9181061be689dc9a3281bd509235af3a9023151df50e1b981d2a0be33f5b325b7ad1089d07cd945bc2ee913b669d8068771e558094a3e8036fd145a392dc
- SSDEEP
  
  98304:bLOOS5P8u+aBOG7bj560qqd0JaxK75GkOOvLAe+S2Qodl:bLOVD+Wv3j5Hqqd0JaxUxvLADnQob
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2