218832fce3ce81f0c6574475944a95eb6fca89ee6f24f156191a3c49b6283165 | Triage

Sharing

General

Target

000f4fca32ed812ab99f0b1ef65c2e3f_JaffaCakes118
Size

325KB
Sample

240425-zrfwtseg56
MD5

000f4fca32ed812ab99f0b1ef65c2e3f
SHA1

c01ad7028b37cc10f48f7909ad1d02fc965eefd6
SHA256

218832fce3ce81f0c6574475944a95eb6fca89ee6f24f156191a3c49b6283165
SHA512

2730920699b89e1a1b99abe8268bcda50eb139e56097a02a99f3e79d8879674d644e620d7517a0e3192f23bef1d3c6f4c54f2a91cbcc58e307cc177c3a8b6ab0
SSDEEP

6144:Er1Bh9uEo2S1YnQmCX492DkwNP3qpYFDcYgQUskKWeFCEQOiCYOqmO5oN:Er1B3u6/eIo4ArVUBQCCYOqmO5oN

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  000f4fca32ed812ab99f0b1ef65c2e3f_JaffaCakes118
- Size
  
  325KB
- MD5
  
  000f4fca32ed812ab99f0b1ef65c2e3f
- SHA1
  
  c01ad7028b37cc10f48f7909ad1d02fc965eefd6
- SHA256
  
  218832fce3ce81f0c6574475944a95eb6fca89ee6f24f156191a3c49b6283165
- SHA512
  
  2730920699b89e1a1b99abe8268bcda50eb139e56097a02a99f3e79d8879674d644e620d7517a0e3192f23bef1d3c6f4c54f2a91cbcc58e307cc177c3a8b6ab0
- SSDEEP
  
  6144:Er1Bh9uEo2S1YnQmCX492DkwNP3qpYFDcYgQUskKWeFCEQOiCYOqmO5oN:Er1B3u6/eIo4ArVUBQCCYOqmO5oN
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2