11b1bbc52df5fc0f6215acac7c929e8459cf514bbfdb0ef22e2e958e7377c5b4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17d2b1cd8aa0079b9805c95cb69b9eb3_JaffaCakes118
Size

258KB
Sample

240505-qdr79sah2x
MD5

17d2b1cd8aa0079b9805c95cb69b9eb3
SHA1

c45b25afd190e11c85dcd4e478053704c332cf61
SHA256

11b1bbc52df5fc0f6215acac7c929e8459cf514bbfdb0ef22e2e958e7377c5b4
SHA512

e8bae3f5485ebdc320eccd09915ed8a53cb4dd7397ef66eb72e2b5bab5ac31ae51c90d882654c610d873ef43cd6fb288e4f3be207cab297a9f38dc8dfff54e20
SSDEEP

3072:Jtpk0dCvZITe9qqkqAZEMZsd3qTGhMuIj2h+tgz1tRpkNphVGXCPfTpoI6q2V5eu:pk084eotJ96ayhTz+Czsh9Tpnd2V5eTy

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  17d2b1cd8aa0079b9805c95cb69b9eb3_JaffaCakes118
- Size
  
  258KB
- MD5
  
  17d2b1cd8aa0079b9805c95cb69b9eb3
- SHA1
  
  c45b25afd190e11c85dcd4e478053704c332cf61
- SHA256
  
  11b1bbc52df5fc0f6215acac7c929e8459cf514bbfdb0ef22e2e958e7377c5b4
- SHA512
  
  e8bae3f5485ebdc320eccd09915ed8a53cb4dd7397ef66eb72e2b5bab5ac31ae51c90d882654c610d873ef43cd6fb288e4f3be207cab297a9f38dc8dfff54e20
- SSDEEP
  
  3072:Jtpk0dCvZITe9qqkqAZEMZsd3qTGhMuIj2h+tgz1tRpkNphVGXCPfTpoI6q2V5eu:pk084eotJ96ayhTz+Czsh9Tpnd2V5eTy
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2