16bf7449ffa1118b223f16a79d291d2d8dffff98b4ed74dd429d33928738862b | Triage

Sharing

General

Target

ce67f2d68540b96d432271cfa8d4fe5f_JaffaCakes118
Size

1.0MB
Sample

240906-cky3hazgnr
MD5

ce67f2d68540b96d432271cfa8d4fe5f
SHA1

27d5a150053ef2c0bf0632918dd3bfffe7867025
SHA256

16bf7449ffa1118b223f16a79d291d2d8dffff98b4ed74dd429d33928738862b
SHA512

64ffbe5446c0c6fea334d180df9161f19269f6556adddfff65b64ae8f9aed10847467580c261c8fda0a8c6fe53b62fd1592d59bd7ee51b26e92b09bd5f1f67ee
SSDEEP

24576:iZafNPaNMDJOpKROZRpulZBVOkeOLimGHCmO+f:CaANaRGRpuHetmGimZf

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ce67f2d68540b96d432271cfa8d4fe5f_JaffaCakes118
- Size
  
  1.0MB
- MD5
  
  ce67f2d68540b96d432271cfa8d4fe5f
- SHA1
  
  27d5a150053ef2c0bf0632918dd3bfffe7867025
- SHA256
  
  16bf7449ffa1118b223f16a79d291d2d8dffff98b4ed74dd429d33928738862b
- SHA512
  
  64ffbe5446c0c6fea334d180df9161f19269f6556adddfff65b64ae8f9aed10847467580c261c8fda0a8c6fe53b62fd1592d59bd7ee51b26e92b09bd5f1f67ee
- SSDEEP
  
  24576:iZafNPaNMDJOpKROZRpulZBVOkeOLimGHCmO+f:CaANaRGRpuHetmGimZf
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2