f13053e2cc8ce442539c9add379de1a3d4eab01e70c3cf7224c0181e6f4e9472 | Triage

Sharing

General

Target

d242eac273bd1a414f92f5729b29bc06_JaffaCakes118
Size

130KB
Sample

240907-szyy2ssglg
MD5

d242eac273bd1a414f92f5729b29bc06
SHA1

a095c2883460eb32bb75bc7b3a26997c2cae1ee4
SHA256

f13053e2cc8ce442539c9add379de1a3d4eab01e70c3cf7224c0181e6f4e9472
SHA512

12a6216cb40abdf4f0eec55b6ec7a2b257d5e13eb5e99e6bca0a8f2c4bcb7c7e33172415d9b64fecd11647d323bf0182e405288c4690f3e28141154c0cfaf1da
SSDEEP

3072:pmO9nEJjKxZCFS/mJ9zKm02nuksJ7uYWUeA9PdoO:3JEUrtk9zT1nuk9YWUddo

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d242eac273bd1a414f92f5729b29bc06_JaffaCakes118
- Size
  
  130KB
- MD5
  
  d242eac273bd1a414f92f5729b29bc06
- SHA1
  
  a095c2883460eb32bb75bc7b3a26997c2cae1ee4
- SHA256
  
  f13053e2cc8ce442539c9add379de1a3d4eab01e70c3cf7224c0181e6f4e9472
- SHA512
  
  12a6216cb40abdf4f0eec55b6ec7a2b257d5e13eb5e99e6bca0a8f2c4bcb7c7e33172415d9b64fecd11647d323bf0182e405288c4690f3e28141154c0cfaf1da
- SSDEEP
  
  3072:pmO9nEJjKxZCFS/mJ9zKm02nuksJ7uYWUeA9PdoO:3JEUrtk9zT1nuk9YWUddo
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2