31921c3e9ab77e888e9454fc7d8be0184305945c5e299effb37d3590bdb2df9b | Triage

Sharing

General

Target

06a278c71d381a47e7f3f521a8047869_JaffaCakes118
Size

322KB
Sample

240429-c28m9sff79
MD5

06a278c71d381a47e7f3f521a8047869
SHA1

bf172bb3193a7425d3a537dbb00ed18f8745b65e
SHA256

31921c3e9ab77e888e9454fc7d8be0184305945c5e299effb37d3590bdb2df9b
SHA512

e0b18914fd4952017f0e0dbd0006c43fac5186ac0ec5692aeaa626e806164623a3569e652f0ab2a446d5d78bef965e15c41d5e25683075a09c4744613dbf7479
SSDEEP

6144:QrV49uEo2S1YnQmCX492DkwNP3qpYFkKQdF8lgywXW/XK11AVBZ5jhqUnm8xcU:QrVQu6/eIo4qQdF8lEeXK11AZDqUmpU

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  06a278c71d381a47e7f3f521a8047869_JaffaCakes118
- Size
  
  322KB
- MD5
  
  06a278c71d381a47e7f3f521a8047869
- SHA1
  
  bf172bb3193a7425d3a537dbb00ed18f8745b65e
- SHA256
  
  31921c3e9ab77e888e9454fc7d8be0184305945c5e299effb37d3590bdb2df9b
- SHA512
  
  e0b18914fd4952017f0e0dbd0006c43fac5186ac0ec5692aeaa626e806164623a3569e652f0ab2a446d5d78bef965e15c41d5e25683075a09c4744613dbf7479
- SSDEEP
  
  6144:QrV49uEo2S1YnQmCX492DkwNP3qpYFkKQdF8lgywXW/XK11AVBZ5jhqUnm8xcU:QrVQu6/eIo4qQdF8lEeXK11AZDqUmpU
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2