192c21c81e7045fe9c2f344cc9073caba8b99ae9bafc2013675f61b61775ca6f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b50cec8fef0a06edab624ee4c59f5339_JaffaCakes118
Size

203KB
Sample

240821-zypsbazhqe
MD5

b50cec8fef0a06edab624ee4c59f5339
SHA1

aaaac37d052936efb69c7314b678c717054695f3
SHA256

192c21c81e7045fe9c2f344cc9073caba8b99ae9bafc2013675f61b61775ca6f
SHA512

b0e600093598d69d9de226ed300b75f57ff7d76cab64f137b7d67ffcfad412bd72da16e22e6d513ff9ff115edac5ac5c1d7311ecee22067153c126bc7b30d47a
SSDEEP

3072:CknsNCssHX3snfKUuJ++URGUnSp0xkjP4YIpE1hg51qeAsaTA+6WSm4+i8rOR:CknOTI0RG6SKxo2JfqeAhTA+644Tp

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  b50cec8fef0a06edab624ee4c59f5339_JaffaCakes118
- Size
  
  203KB
- MD5
  
  b50cec8fef0a06edab624ee4c59f5339
- SHA1
  
  aaaac37d052936efb69c7314b678c717054695f3
- SHA256
  
  192c21c81e7045fe9c2f344cc9073caba8b99ae9bafc2013675f61b61775ca6f
- SHA512
  
  b0e600093598d69d9de226ed300b75f57ff7d76cab64f137b7d67ffcfad412bd72da16e22e6d513ff9ff115edac5ac5c1d7311ecee22067153c126bc7b30d47a
- SSDEEP
  
  3072:CknsNCssHX3snfKUuJ++URGUnSp0xkjP4YIpE1hg51qeAsaTA+6WSm4+i8rOR:CknOTI0RG6SKxo2JfqeAhTA+644Tp
Score

6^/10

discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2