2085e027acfaf3f3f1ada6553f89cc69fb82191608307cb5e54487f59ca56c83 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0d44a15c6bdffdc2362790dcfd64772_JaffaCakes118
Size

249KB
Sample

240907-b81essygmr
MD5

d0d44a15c6bdffdc2362790dcfd64772
SHA1

0ee9cdbe49f329e76826ff6d70cb227284e28bca
SHA256

2085e027acfaf3f3f1ada6553f89cc69fb82191608307cb5e54487f59ca56c83
SHA512

125285b147d4d034370c29943c7347d4aa7ac89fc2ae1790e373a87722953a4dc26642500b435d5bbce55ac244d80f871448fb1a6226c175265e321e810501e9
SSDEEP

6144:0A9n5LAEgMVdzC25NgYsUWLXiAdraBCDoAc769/c:0AHL5gMVdzCeOXUQraByc769k

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  d0d44a15c6bdffdc2362790dcfd64772_JaffaCakes118
- Size
  
  249KB
- MD5
  
  d0d44a15c6bdffdc2362790dcfd64772
- SHA1
  
  0ee9cdbe49f329e76826ff6d70cb227284e28bca
- SHA256
  
  2085e027acfaf3f3f1ada6553f89cc69fb82191608307cb5e54487f59ca56c83
- SHA512
  
  125285b147d4d034370c29943c7347d4aa7ac89fc2ae1790e373a87722953a4dc26642500b435d5bbce55ac244d80f871448fb1a6226c175265e321e810501e9
- SSDEEP
  
  6144:0A9n5LAEgMVdzC25NgYsUWLXiAdraBCDoAc769/c:0AHL5gMVdzCeOXUQraByc769k
Score

6^/10

discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2