110e7fca3bc26811b2ac14ea86fae3463d0e7404f766c7b3f46a83fd9a288770 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0228ffd67b05a27d8910eb82c96772b9_JaffaCakes118
Size

164KB
Sample

240930-tfelqsxglh
MD5

0228ffd67b05a27d8910eb82c96772b9
SHA1

6d8a030806f4dfd45976cadb75ffacc412cddc6c
SHA256

110e7fca3bc26811b2ac14ea86fae3463d0e7404f766c7b3f46a83fd9a288770
SHA512

33e4eb84bd805cf47981c4d65930d97497212f1bbf316152cc766567c42051ed6c6838f16bd5b0f3a2d9346c9a6aae296479cab0b2bfbc52e432b50589f19f59
SSDEEP

768:Y40GcbPTZN1V0pa0KoJkyWR8+0TcQUPf00uDLwXhEFjIfRwSkKUnh8g9/7:T0GuPTdmp3kBgiqQXO4BkXfB

Score

7^/10

discovery evasion

Malware Config

Targets

- Target
  
  0228ffd67b05a27d8910eb82c96772b9_JaffaCakes118
- Size
  
  164KB
- MD5
  
  0228ffd67b05a27d8910eb82c96772b9
- SHA1
  
  6d8a030806f4dfd45976cadb75ffacc412cddc6c
- SHA256
  
  110e7fca3bc26811b2ac14ea86fae3463d0e7404f766c7b3f46a83fd9a288770
- SHA512
  
  33e4eb84bd805cf47981c4d65930d97497212f1bbf316152cc766567c42051ed6c6838f16bd5b0f3a2d9346c9a6aae296479cab0b2bfbc52e432b50589f19f59
- SSDEEP
  
  768:Y40GcbPTZN1V0pa0KoJkyWR8+0TcQUPf00uDLwXhEFjIfRwSkKUnh8g9/7:T0GuPTdmp3kBgiqQXO4BkXfB
Score

7^/10

evasion discovery
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion