b023575034da8ddf6460e8c1b76eb267656b8a5f1dc004ca3882dccef4e2076a | Triage

Sharing

General

Target

0c6093d5742843a9cd814ca29ef4a607_JaffaCakes118
Size

816KB
Sample

241002-zfn33ayfrh
MD5

0c6093d5742843a9cd814ca29ef4a607
SHA1

4ed96b41c204cb9b29d1b89341258641fd0abb35
SHA256

b023575034da8ddf6460e8c1b76eb267656b8a5f1dc004ca3882dccef4e2076a
SHA512

c342ae5476e53da384a9037ab3fba788ed25acd46455630f15bfb84cfeac728f4754e00a286fb3089c31e8c7ca8b48ec9670608401ef159a750522b656cb8769
SSDEEP

24576:bOw3rV0JQDe4WyRCMb24mI34186Rt0EpWiAcIXeQp5YIe:bX3ZDxWyRCMxID3X3AcIXeq5YI

Score

9^/10

discovery evasion

Malware Config

Targets

- Target
  
  0c6093d5742843a9cd814ca29ef4a607_JaffaCakes118
- Size
  
  816KB
- MD5
  
  0c6093d5742843a9cd814ca29ef4a607
- SHA1
  
  4ed96b41c204cb9b29d1b89341258641fd0abb35
- SHA256
  
  b023575034da8ddf6460e8c1b76eb267656b8a5f1dc004ca3882dccef4e2076a
- SHA512
  
  c342ae5476e53da384a9037ab3fba788ed25acd46455630f15bfb84cfeac728f4754e00a286fb3089c31e8c7ca8b48ec9670608401ef159a750522b656cb8769
- SSDEEP
  
  24576:bOw3rV0JQDe4WyRCMb24mI34186Rt0EpWiAcIXeQp5YIe:bX3ZDxWyRCMxID3X3AcIXeq5YI
Score

9^/10

evasion discovery
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion