121bb631a003a8ac810e98f36be273ddc3c5e3f8127c3d6e9db1ea3b63d0df14 | Triage

Sharing

General

Target

f30d143f9d5273dc215d8200ca77ec93_JaffaCakes118
Size

304KB
Sample

240416-jyqrlsda47
MD5

f30d143f9d5273dc215d8200ca77ec93
SHA1

a1dd6650edc8e4802094b634f93e87c6a06ef632
SHA256

121bb631a003a8ac810e98f36be273ddc3c5e3f8127c3d6e9db1ea3b63d0df14
SHA512

d4db62a10dc90665d9acce45a44ee5148fcf2ca69cbea9814119dc5cd3440ec045ac6c44f94526387fe918f80dd931fd82d7eb59c7398e5b1308af1d87845e4e
SSDEEP

6144:Lrkx9uEo2S1YnQmCX492DkwNP3qpYFkXdlP5IO5/OoCVHuy6SHZ86riVZkiizFb:LrkHu6/eIo4RXdrIO5/OpVHd6Ky6rizM

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  f30d143f9d5273dc215d8200ca77ec93_JaffaCakes118
- Size
  
  304KB
- MD5
  
  f30d143f9d5273dc215d8200ca77ec93
- SHA1
  
  a1dd6650edc8e4802094b634f93e87c6a06ef632
- SHA256
  
  121bb631a003a8ac810e98f36be273ddc3c5e3f8127c3d6e9db1ea3b63d0df14
- SHA512
  
  d4db62a10dc90665d9acce45a44ee5148fcf2ca69cbea9814119dc5cd3440ec045ac6c44f94526387fe918f80dd931fd82d7eb59c7398e5b1308af1d87845e4e
- SSDEEP
  
  6144:Lrkx9uEo2S1YnQmCX492DkwNP3qpYFkXdlP5IO5/OoCVHuy6SHZ86riVZkiizFb:LrkHu6/eIo4RXdrIO5/OpVHd6Ky6rizM
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2