05b4c534a13f97ee8478bfacd5d7657110fdeebbe1979cce1c41536726ebc944 | Triage

Sharing

General

Target

031399a05697e406ac464adf09163b1b_JaffaCakes118
Size

468KB
Sample

240427-mvfn1she6s
MD5

031399a05697e406ac464adf09163b1b
SHA1

3114b821ac6f568aeb7d45ee2c2d4f5ef858d3db
SHA256

05b4c534a13f97ee8478bfacd5d7657110fdeebbe1979cce1c41536726ebc944
SHA512

c5480ace7d47c72dfcfd92205989e3b620736dfd5d52d8d622a45f447a8f9c9df73cb5185a98b6625c3dd7e193fe333b25cc558c01cf51968d54bf41df79d57c
SSDEEP

6144:4d9sKn8f/95K7QtkFnxeMr4bRDelvlv6P1IvHf5JZUPYvrYkRvKFmavKY8GBU36V:4dmKY/bK7Fa64btPMfn1PJY8GCq5

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  031399a05697e406ac464adf09163b1b_JaffaCakes118
- Size
  
  468KB
- MD5
  
  031399a05697e406ac464adf09163b1b
- SHA1
  
  3114b821ac6f568aeb7d45ee2c2d4f5ef858d3db
- SHA256
  
  05b4c534a13f97ee8478bfacd5d7657110fdeebbe1979cce1c41536726ebc944
- SHA512
  
  c5480ace7d47c72dfcfd92205989e3b620736dfd5d52d8d622a45f447a8f9c9df73cb5185a98b6625c3dd7e193fe333b25cc558c01cf51968d54bf41df79d57c
- SSDEEP
  
  6144:4d9sKn8f/95K7QtkFnxeMr4bRDelvlv6P1IvHf5JZUPYvrYkRvKFmavKY8GBU36V:4dmKY/bK7Fa64btPMfn1PJY8GCq5
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2