a7d8fad69caf6f20b0e5d0dc32a68b382b6100baf5ca7895ff98f1146fb6a58a | Triage

Sharing

General

Target

b45d7c17f4b31c9f4e1cd793141e7e4d_JaffaCakes118
Size

891KB
Sample

240821-v2dr1a1flb
MD5

b45d7c17f4b31c9f4e1cd793141e7e4d
SHA1

8c354b2eec675735cdb8a91fa586eeab929fcb85
SHA256

a7d8fad69caf6f20b0e5d0dc32a68b382b6100baf5ca7895ff98f1146fb6a58a
SHA512

98f8e93e56f5803e52c96a74ffb8d2008f5a82608bd54704e0600ab29edb642045682958fa39f212159a83dd4e2ecba9714bbf45b32e85ea73974aaaf7de5379
SSDEEP

24576:aqve97MUZjg9qI2e0IwluMAwtA2NptIeVvsDqS5k60MU:Xs7MgEpYmcItDqS5O7

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  elfbot.dll
- Size
  
  1.4MB
- MD5
  
  9b948e02a141517d50a5328bda57e965
- SHA1
  
  262eec74677e50e85952fd7e0a256adc64db431e
- SHA256
  
  eb84edb1b813e5b433607fa3ea4a4c344059fcb099b2380976879ddab08408b6
- SHA512
  
  03418fbaac748f6e8053c56610a653601209eafb6d1273b43f340afb6f7b0347dbd95ff4790df76394dba9d96ae273b0f58a22669ea4a692dbe83eafed610af5
- SSDEEP
  
  24576:vi0Tf1DxMVVvmdrjM+TrQRlUsh5SEjPtA8JP9WVoAgYxcZ6mdL:vvMVYBM+TsfUI1d9gorYhml
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2
- Target
  
  elfload.dll
- Size
  
  41KB
- MD5
  
  0a58c05d59777d16b2ad9ec32a6ecb44
- SHA1
  
  cb6f7c57e3c13ea8bad04fac896753152eb68660
- SHA256
  
  f12023454301b8ee349f9f474fff2996c85550648c363a8b1ac6d006525b4bc6
- SHA512
  
  51b7d1d91297246d5d0eafe7e87ec0d3369744d8631797d6373e089823d0f4ce42c2454e5bdb7fe34e2ed191357a72d31aac8b919834fab3f6c031af7bba0aa9
- SSDEEP
  
  768:fC6dfYQd2bFt6oxs+iqDjw/0d0mZoowhnUVeWdIXnbcuyD7U4xejYlIxS:fCkYDbT33jw/0tZ4nWvonouy84FIc
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  elfload2.dll
- Size
  
  35KB
- MD5
  
  962687402f3ff0259618a668f9baca6d
- SHA1
  
  9a06c69fc674c03dd0515feb24853403e15833f2
- SHA256
  
  4d6980fec7777a4557a08eceda8f77e8cad70e56f4da563ec4e3fac1b4e423f1
- SHA512
  
  497852d2deb3ecddbc10ac07a6153b9bd7d31abcdaea30ae19dc0792eee2f77e34d5547357d0a43dee26111f6edfa83c9372f4ff42917fc378daed3252e70528
- SSDEEP
  
  768:+ho2807sCQC7WiwJjKegezHsIvqZhmfKkap0AfTWRewFAdI0bdc:a7sCX7WiwJjKegezHsIvAJJ0ACRzAG0O
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6