8c0cff40141430b90d84060f64f5343b024856dfb7a6834300c655aae9d2e3f7 | Triage

Sharing

General

Target

bbac2f4939d0679bfb6aca737aae4e9d_JaffaCakes118
Size

317KB
Sample

240823-pclhnashkc
MD5

bbac2f4939d0679bfb6aca737aae4e9d
SHA1

11a20e84f90104da16cfeebdf175f9480f922164
SHA256

8c0cff40141430b90d84060f64f5343b024856dfb7a6834300c655aae9d2e3f7
SHA512

7cfd3aadae9fc4ddec57e4440dab1c6deffd79875aea2ffcd66c9cfc1759448cd3e216efb38d02a56fb31f59a8be974313bd45f226d494f202f484c1c36f57dd
SSDEEP

6144:5p3Fssgf7ZrbbfW3ySBM38sXtWW1IefFM:5p3Fssgf7ZrbbfWiSB8FXtZ1IkFM

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  bbac2f4939d0679bfb6aca737aae4e9d_JaffaCakes118
- Size
  
  317KB
- MD5
  
  bbac2f4939d0679bfb6aca737aae4e9d
- SHA1
  
  11a20e84f90104da16cfeebdf175f9480f922164
- SHA256
  
  8c0cff40141430b90d84060f64f5343b024856dfb7a6834300c655aae9d2e3f7
- SHA512
  
  7cfd3aadae9fc4ddec57e4440dab1c6deffd79875aea2ffcd66c9cfc1759448cd3e216efb38d02a56fb31f59a8be974313bd45f226d494f202f484c1c36f57dd
- SSDEEP
  
  6144:5p3Fssgf7ZrbbfW3ySBM38sXtWW1IefFM:5p3Fssgf7ZrbbfWiSB8FXtZ1IkFM
Score

6^/10

discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2