7cd39a8f167ef4fc41888164ae27558489e7873a3f93530f709161875f96b950 | Triage

Sharing

General

Target

ea90f24508b1f24a1f7b8081d31efc86_JaffaCakes118
Size

7.6MB
Sample

240919-evywlazhrh
MD5

ea90f24508b1f24a1f7b8081d31efc86
SHA1

8f452886be6dce2237ed2c7bd4b6035fcabb749d
SHA256

7cd39a8f167ef4fc41888164ae27558489e7873a3f93530f709161875f96b950
SHA512

82d9d12a427a6268c1566e2d5a02396a8424534c4ef4e8c2e2846de673573ff44ebc3382d0f5ad495d790e66fe30333e955a111eec66aec81a64a22a1c3f0cef
SSDEEP

49152:HE9XTMt36FsYEcZXeUR4ytjDSnSU6K5amsRHg4arAQbBJqDwa9cBzkVog+Hedo81:IsyzG5aVRHg4aRrqz9oyxOqo806wiWm

Score

7^/10

discovery evasion

Malware Config

Targets

- Target
  
  ea90f24508b1f24a1f7b8081d31efc86_JaffaCakes118
- Size
  
  7.6MB
- MD5
  
  ea90f24508b1f24a1f7b8081d31efc86
- SHA1
  
  8f452886be6dce2237ed2c7bd4b6035fcabb749d
- SHA256
  
  7cd39a8f167ef4fc41888164ae27558489e7873a3f93530f709161875f96b950
- SHA512
  
  82d9d12a427a6268c1566e2d5a02396a8424534c4ef4e8c2e2846de673573ff44ebc3382d0f5ad495d790e66fe30333e955a111eec66aec81a64a22a1c3f0cef
- SSDEEP
  
  49152:HE9XTMt36FsYEcZXeUR4ytjDSnSU6K5amsRHg4arAQbBJqDwa9cBzkVog+Hedo81:IsyzG5aVRHg4aRrqz9oyxOqo806wiWm
Score

7^/10

discovery evasion
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion