f65501a14c4a2e04458849525edf78599ac9f6112494247225861496e6759fea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00ed79d8ffb56a853365fb673ece1680_JaffaCakes118
Size

88KB
Sample

240930-mv3hsavglh
MD5

00ed79d8ffb56a853365fb673ece1680
SHA1

091a9fa5c97710a60a3d9746fb2423bd33b45983
SHA256

f65501a14c4a2e04458849525edf78599ac9f6112494247225861496e6759fea
SHA512

e2c37a69fa482555fca4f397a81beca2bd20e147aa41fba52444ead64722d255a07bacd6b56a867236b9b8d4b620cc06691dd0d3237e36a7f450881f6b18b1bc
SSDEEP

1536:NL2ReCCrRBCPzNpVlI07vhfnm8y+yuLTZZrN/OAWx19Vy0Te:Nqk/re7VmHyL1ZrNxK1/y0y

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  00ed79d8ffb56a853365fb673ece1680_JaffaCakes118
- Size
  
  88KB
- MD5
  
  00ed79d8ffb56a853365fb673ece1680
- SHA1
  
  091a9fa5c97710a60a3d9746fb2423bd33b45983
- SHA256
  
  f65501a14c4a2e04458849525edf78599ac9f6112494247225861496e6759fea
- SHA512
  
  e2c37a69fa482555fca4f397a81beca2bd20e147aa41fba52444ead64722d255a07bacd6b56a867236b9b8d4b620cc06691dd0d3237e36a7f450881f6b18b1bc
- SSDEEP
  
  1536:NL2ReCCrRBCPzNpVlI07vhfnm8y+yuLTZZrN/OAWx19Vy0Te:Nqk/re7VmHyL1ZrNxK1/y0y
Score

6^/10

discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2