148cbf90b51ada4cd5e513cb5e4908a51fc192932ee611899d0f7bca3d326146 | Triage

Sharing

General

Target

de5a0fc4f4298dbc6a4b4cd94843c7bf_JaffaCakes118
Size

577KB
Sample

240913-qyw2yssflp
MD5

de5a0fc4f4298dbc6a4b4cd94843c7bf
SHA1

d188d2ce5771473a932705fbfecc060cc026f6c2
SHA256

148cbf90b51ada4cd5e513cb5e4908a51fc192932ee611899d0f7bca3d326146
SHA512

0b91dcb2c06029707ef8b15f3163f21f3af61f941b47fc69d04bc0709f061a2c85ebfb4484c646c7305122abffd79fcc41dd3e76ab75447b8265d8282b0cf373
SSDEEP

12288:TSyoOPqWcMqA/miet58gULwxgIYP2hjhTH2G:TSyoTW/XeLzMOY+ht9

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  de5a0fc4f4298dbc6a4b4cd94843c7bf_JaffaCakes118
- Size
  
  577KB
- MD5
  
  de5a0fc4f4298dbc6a4b4cd94843c7bf
- SHA1
  
  d188d2ce5771473a932705fbfecc060cc026f6c2
- SHA256
  
  148cbf90b51ada4cd5e513cb5e4908a51fc192932ee611899d0f7bca3d326146
- SHA512
  
  0b91dcb2c06029707ef8b15f3163f21f3af61f941b47fc69d04bc0709f061a2c85ebfb4484c646c7305122abffd79fcc41dd3e76ab75447b8265d8282b0cf373
- SSDEEP
  
  12288:TSyoOPqWcMqA/miet58gULwxgIYP2hjhTH2G:TSyoTW/XeLzMOY+ht9
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2