e68bb5cd4f4ec2904c7d5a96ba59d60fbfad8af08710b5b51d7fc5796bfe1c32 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c23d8fdeb7b919a3b517b013dc0729cf_JaffaCakes118
Size

1.5MB
Sample

240826-ek2vhavgjp
MD5

c23d8fdeb7b919a3b517b013dc0729cf
SHA1

357d03a7af882a9b8528be99ee893a0e154cfa71
SHA256

e68bb5cd4f4ec2904c7d5a96ba59d60fbfad8af08710b5b51d7fc5796bfe1c32
SHA512

23862553ecc0c717a4c17c706216cfb12dd0a6cdd4fc30141a980c63aa24e4d132cb8ed2f06a1370faa884300915f942f398ff153127d1151375a8c07e18d0ba
SSDEEP

24576:Df2mRwsviHnTK6yssdZYjs6TP3CPRZ6qm/0a/nz0wt5PkAE8x0:Df2mRwjzKXisCP6RkVlMAB0

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  c23d8fdeb7b919a3b517b013dc0729cf_JaffaCakes118
- Size
  
  1.5MB
- MD5
  
  c23d8fdeb7b919a3b517b013dc0729cf
- SHA1
  
  357d03a7af882a9b8528be99ee893a0e154cfa71
- SHA256
  
  e68bb5cd4f4ec2904c7d5a96ba59d60fbfad8af08710b5b51d7fc5796bfe1c32
- SHA512
  
  23862553ecc0c717a4c17c706216cfb12dd0a6cdd4fc30141a980c63aa24e4d132cb8ed2f06a1370faa884300915f942f398ff153127d1151375a8c07e18d0ba
- SSDEEP
  
  24576:Df2mRwsviHnTK6yssdZYjs6TP3CPRZ6qm/0a/nz0wt5PkAE8x0:Df2mRwjzKXisCP6RkVlMAB0
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2