aac6c85401bcfb44137ea2ffb6b2b5148b579cbe36b7f32bf5dd3ef703c29058 | Triage

Sharing

General

Target

8cfd92932b2f0747572f000c62cbf087_JaffaCakes118
Size

131KB
Sample

240812-c5n32a1fpr
MD5

8cfd92932b2f0747572f000c62cbf087
SHA1

02498ff8a932a6965c443af371329c7ceebafa95
SHA256

aac6c85401bcfb44137ea2ffb6b2b5148b579cbe36b7f32bf5dd3ef703c29058
SHA512

4d75cffb6e511bd5842cc8ef44b595bb9063d682834f285ffd467198c7b004720042ce01aa9510c88997396692aa994e560b57ad5917181864260fee724cc223
SSDEEP

3072:twhcBpYnePHEzOfCwE0aQjy/ingENd5YK:twIpYiEaLE1Q2ifb5YK

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  8cfd92932b2f0747572f000c62cbf087_JaffaCakes118
- Size
  
  131KB
- MD5
  
  8cfd92932b2f0747572f000c62cbf087
- SHA1
  
  02498ff8a932a6965c443af371329c7ceebafa95
- SHA256
  
  aac6c85401bcfb44137ea2ffb6b2b5148b579cbe36b7f32bf5dd3ef703c29058
- SHA512
  
  4d75cffb6e511bd5842cc8ef44b595bb9063d682834f285ffd467198c7b004720042ce01aa9510c88997396692aa994e560b57ad5917181864260fee724cc223
- SSDEEP
  
  3072:twhcBpYnePHEzOfCwE0aQjy/ingENd5YK:twIpYiEaLE1Q2ifb5YK
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2