681fb5c1c39743ab9c4d18896a96c64c46c6077847f67eca9d769a9eb567911e | Triage

Sharing

General

Target

dd264f13c1f2e5ac85fdf9fd9124427e_JaffaCakes118
Size

368KB
Sample

240912-18krsayemb
MD5

dd264f13c1f2e5ac85fdf9fd9124427e
SHA1

9d657afc50acc96a793543fb94a8eaa79c5970a9
SHA256

681fb5c1c39743ab9c4d18896a96c64c46c6077847f67eca9d769a9eb567911e
SHA512

382bcfb5c2f2196c458ff3954eabfde022548d329d4f21297fc893bad5feee5fcce80e59e3b63039adba88606fced3b706500678437d39875dd169f89e8a5f08
SSDEEP

6144:4Kx3qDcRo8OH6kylsPzJeWI9gsF+P/CjvCvR7cZkifEZWlDTJ7f:4KxaDcRo8XkylsQR4/CjvW4O0DT

Score

7^/10

discovery evasion

Malware Config

Targets

- Target
  
  dd264f13c1f2e5ac85fdf9fd9124427e_JaffaCakes118
- Size
  
  368KB
- MD5
  
  dd264f13c1f2e5ac85fdf9fd9124427e
- SHA1
  
  9d657afc50acc96a793543fb94a8eaa79c5970a9
- SHA256
  
  681fb5c1c39743ab9c4d18896a96c64c46c6077847f67eca9d769a9eb567911e
- SHA512
  
  382bcfb5c2f2196c458ff3954eabfde022548d329d4f21297fc893bad5feee5fcce80e59e3b63039adba88606fced3b706500678437d39875dd169f89e8a5f08
- SSDEEP
  
  6144:4Kx3qDcRo8OH6kylsPzJeWI9gsF+P/CjvCvR7cZkifEZWlDTJ7f:4KxaDcRo8XkylsQR4/CjvW4O0DT
Score

7^/10

evasion discovery
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion