1b20a12e8dc4a15d5667835fcbaca45f47ed9b447df44061ff74ada97a4b97bc | Triage

Sharing

General

Target

144be592dba3fe2da07531815f5e4d10_JaffaCakes118
Size

40KB
Sample

241004-v4rrms1ekh
MD5

144be592dba3fe2da07531815f5e4d10
SHA1

f6eb3ba978d49fb9f3f5589c1e8d544a4a1d9958
SHA256

1b20a12e8dc4a15d5667835fcbaca45f47ed9b447df44061ff74ada97a4b97bc
SHA512

dc262cc5c2fefc159b5f05090fbc51eca14657ddf9c1e2c96cbabd5d93fa09bc2b32ccf6ed5af385a293fcf91f217bfb895f73c1d6cc44a56065a0685954a500
SSDEEP

768:AKfz4mRme8wr40PTbadJUSaOaiDbrx3nRX+cd2w:AG4mcj8s8Sao

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  144be592dba3fe2da07531815f5e4d10_JaffaCakes118
- Size
  
  40KB
- MD5
  
  144be592dba3fe2da07531815f5e4d10
- SHA1
  
  f6eb3ba978d49fb9f3f5589c1e8d544a4a1d9958
- SHA256
  
  1b20a12e8dc4a15d5667835fcbaca45f47ed9b447df44061ff74ada97a4b97bc
- SHA512
  
  dc262cc5c2fefc159b5f05090fbc51eca14657ddf9c1e2c96cbabd5d93fa09bc2b32ccf6ed5af385a293fcf91f217bfb895f73c1d6cc44a56065a0685954a500
- SSDEEP
  
  768:AKfz4mRme8wr40PTbadJUSaOaiDbrx3nRX+cd2w:AG4mcj8s8Sao
Score

6^/10

discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2