eceb164a69e8f79bb08099fcdf2b75071c527b0107daebc0e7a88e246b4c7f13 | Triage

Sharing

General

Target

dffb3d323708f624dc3469e99c3adcb3_JaffaCakes118
Size

548KB
Sample

240406-kbdn7sfa69
MD5

dffb3d323708f624dc3469e99c3adcb3
SHA1

043620bdea4fd9d48673db8081ffbd9f25d1d8ac
SHA256

eceb164a69e8f79bb08099fcdf2b75071c527b0107daebc0e7a88e246b4c7f13
SHA512

a30b70e5bb259410606d5e123e17b8502423912ecedf6d6ebad6b180a372c58f36231f0c85b610ad89e5328b1e63e257be932d4d3fea8971853516e31f531f84
SSDEEP

12288:8j3LUk7ftIXeWc5ie52YOqhPS+KP/w1pZGGgCs5xu8Z:88aFAeWceYHPS3PIoA4xu

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  dffb3d323708f624dc3469e99c3adcb3_JaffaCakes118
- Size
  
  548KB
- MD5
  
  dffb3d323708f624dc3469e99c3adcb3
- SHA1
  
  043620bdea4fd9d48673db8081ffbd9f25d1d8ac
- SHA256
  
  eceb164a69e8f79bb08099fcdf2b75071c527b0107daebc0e7a88e246b4c7f13
- SHA512
  
  a30b70e5bb259410606d5e123e17b8502423912ecedf6d6ebad6b180a372c58f36231f0c85b610ad89e5328b1e63e257be932d4d3fea8971853516e31f531f84
- SSDEEP
  
  12288:8j3LUk7ftIXeWc5ie52YOqhPS+KP/w1pZGGgCs5xu8Z:88aFAeWceYHPS3PIoA4xu
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2