43ca991c98a124f5ccf3ea6cb5abca55af4a2102cb841ab09871c09ca2ac6a00 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f51486b995e627a7b59fdf1c1f3a5219_JaffaCakes118
Size

1.7MB
Sample

240925-d4fwpssfnq
MD5

f51486b995e627a7b59fdf1c1f3a5219
SHA1

b9857248bc17920ea4937f3a286f460eca8c10b2
SHA256

43ca991c98a124f5ccf3ea6cb5abca55af4a2102cb841ab09871c09ca2ac6a00
SHA512

af47c5daee70377b187bac007173a672973a9d6a12eae3acc663b871233c977de6352fd94f78b6828d391f7020bfe18fc5466303371df6b3528d25d2b5ce16ee
SSDEEP

24576:VM615/4jWEn2xo3sHdun/DoCJbUVZjK0pcqXy6+Hk31DQASrZUNob71eOT0wykbt:p3OWEnD26w/xpXFo7xhgThIt7

Score

7^/10

discovery evasion

Malware Config

Targets

- Target
  
  f51486b995e627a7b59fdf1c1f3a5219_JaffaCakes118
- Size
  
  1.7MB
- MD5
  
  f51486b995e627a7b59fdf1c1f3a5219
- SHA1
  
  b9857248bc17920ea4937f3a286f460eca8c10b2
- SHA256
  
  43ca991c98a124f5ccf3ea6cb5abca55af4a2102cb841ab09871c09ca2ac6a00
- SHA512
  
  af47c5daee70377b187bac007173a672973a9d6a12eae3acc663b871233c977de6352fd94f78b6828d391f7020bfe18fc5466303371df6b3528d25d2b5ce16ee
- SSDEEP
  
  24576:VM615/4jWEn2xo3sHdun/DoCJbUVZjK0pcqXy6+Hk31DQASrZUNob71eOT0wykbt:p3OWEnD26w/xpXFo7xhgThIt7
Score

7^/10

discovery evasion
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion