64d52e0c184cb3db319bfd9c5b52d88021b0f98e3da163d467505b37e719605f | Triage

Sharing

General

Target

c2953e3efeb5e40d514e6b9b77172c80_JaffaCakes118
Size

668KB
Sample

240826-jtkd2avcqp
MD5

c2953e3efeb5e40d514e6b9b77172c80
SHA1

89564191bc6b4fe1c6336fdaf9088a5f14727d08
SHA256

64d52e0c184cb3db319bfd9c5b52d88021b0f98e3da163d467505b37e719605f
SHA512

660d4e6fe8b9d4fbdf161bcb3272f98e17ea9b6b69cd9168a701feeaa6a68829ed5a2a710c357f392a3a4f2f4ae94638db05a6b17c7e2a999f8bd9aade776857
SSDEEP

12288:kw1x9pq1SvKxYxMgv0sz001741PymqzV/GwcLQo3wk/LJKCGtqA8Vu8NzWsy:kw1x9pq1SvKxYxMW0sn1E1Prqp/GwaQf

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  c2953e3efeb5e40d514e6b9b77172c80_JaffaCakes118
- Size
  
  668KB
- MD5
  
  c2953e3efeb5e40d514e6b9b77172c80
- SHA1
  
  89564191bc6b4fe1c6336fdaf9088a5f14727d08
- SHA256
  
  64d52e0c184cb3db319bfd9c5b52d88021b0f98e3da163d467505b37e719605f
- SHA512
  
  660d4e6fe8b9d4fbdf161bcb3272f98e17ea9b6b69cd9168a701feeaa6a68829ed5a2a710c357f392a3a4f2f4ae94638db05a6b17c7e2a999f8bd9aade776857
- SSDEEP
  
  12288:kw1x9pq1SvKxYxMgv0sz001741PymqzV/GwcLQo3wk/LJKCGtqA8Vu8NzWsy:kw1x9pq1SvKxYxMW0sn1E1Prqp/GwaQf
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2