21c804642e9860f348d9194e339d25bc99c866b68a8a982fae1cf82abefdbc47 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11bdf53b639bbd1e7d41cc49e2f78038_JaffaCakes118
Size

314KB
Sample

240504-jlxz6aae74
MD5

11bdf53b639bbd1e7d41cc49e2f78038
SHA1

a6692c573af7b5c3bc567a55d419e12780c7bf0d
SHA256

21c804642e9860f348d9194e339d25bc99c866b68a8a982fae1cf82abefdbc47
SHA512

d50b0a0f8f5da8f8dadb1973039a84a7d3cbba910b42554b283361f0e7058566365937f473706f346217a69f7338920232340d64a2f23cb04bd7965555f95c71
SSDEEP

6144:QrAbUzkuvcBYC47l2xn88NEymFTYO67qzVxzRRwL:Qr1kuveY35YO67Wxz7wL

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  11bdf53b639bbd1e7d41cc49e2f78038_JaffaCakes118
- Size
  
  314KB
- MD5
  
  11bdf53b639bbd1e7d41cc49e2f78038
- SHA1
  
  a6692c573af7b5c3bc567a55d419e12780c7bf0d
- SHA256
  
  21c804642e9860f348d9194e339d25bc99c866b68a8a982fae1cf82abefdbc47
- SHA512
  
  d50b0a0f8f5da8f8dadb1973039a84a7d3cbba910b42554b283361f0e7058566365937f473706f346217a69f7338920232340d64a2f23cb04bd7965555f95c71
- SSDEEP
  
  6144:QrAbUzkuvcBYC47l2xn88NEymFTYO67qzVxzRRwL:Qr1kuveY35YO67Wxz7wL
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2