5ba16917fc8e971227870bf66f7715645971adb217d2ebbe2bdcca125fc43884 | Triage

Sharing

General

Target

af47ef42f44cfb47136b10f5849a14dc_JaffaCakes118
Size

89KB
Sample

240820-p1afassdld
MD5

af47ef42f44cfb47136b10f5849a14dc
SHA1

2aedf8902a2fab4eaaa43c4471e503a714d786cc
SHA256

5ba16917fc8e971227870bf66f7715645971adb217d2ebbe2bdcca125fc43884
SHA512

eaea37158f8610938cdcb9b628420b3309fec18664608ca47607dda496817fcc36ac857b954d08a34c8cee7896d4c32ae893938e58f84c1d81f9f518684a18d7
SSDEEP

768:pPY+OBNYIQShTBy1GuqFFSDpcdlKETkZRR//N0cnZj0O6Guz+4NMmOCITdogw:pL6Zs1fqrSDpol1cN0+Zj0/zdW

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  af47ef42f44cfb47136b10f5849a14dc_JaffaCakes118
- Size
  
  89KB
- MD5
  
  af47ef42f44cfb47136b10f5849a14dc
- SHA1
  
  2aedf8902a2fab4eaaa43c4471e503a714d786cc
- SHA256
  
  5ba16917fc8e971227870bf66f7715645971adb217d2ebbe2bdcca125fc43884
- SHA512
  
  eaea37158f8610938cdcb9b628420b3309fec18664608ca47607dda496817fcc36ac857b954d08a34c8cee7896d4c32ae893938e58f84c1d81f9f518684a18d7
- SSDEEP
  
  768:pPY+OBNYIQShTBy1GuqFFSDpcdlKETkZRR//N0cnZj0O6Guz+4NMmOCITdogw:pL6Zs1fqrSDpol1cN0+Zj0/zdW
Score

6^/10

discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2