21bf5f7d3e92cb723adf121a126865dafa06f2c57435f81a6585e86a6db52bc7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f8ca3d0825083d604080bfca4e57565_JaffaCakes118
Size

327KB
Sample

240507-ftnjxaag6z
MD5

1f8ca3d0825083d604080bfca4e57565
SHA1

25fe750c56a7bd5161e8d20df7b6896c19899401
SHA256

21bf5f7d3e92cb723adf121a126865dafa06f2c57435f81a6585e86a6db52bc7
SHA512

e46021e76422131da481be4ff3da4c0632aeb61224adbba97e3d0e72ee1bfea85fecd052d6590a6e437f9a4c8ea4a123ecf74371a486d0df614723155e937bd9
SSDEEP

6144:Jr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6Fm:Jr4iu6/eIo4Rsw33AtsmQr

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  1f8ca3d0825083d604080bfca4e57565_JaffaCakes118
- Size
  
  327KB
- MD5
  
  1f8ca3d0825083d604080bfca4e57565
- SHA1
  
  25fe750c56a7bd5161e8d20df7b6896c19899401
- SHA256
  
  21bf5f7d3e92cb723adf121a126865dafa06f2c57435f81a6585e86a6db52bc7
- SHA512
  
  e46021e76422131da481be4ff3da4c0632aeb61224adbba97e3d0e72ee1bfea85fecd052d6590a6e437f9a4c8ea4a123ecf74371a486d0df614723155e937bd9
- SSDEEP
  
  6144:Jr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6Fm:Jr4iu6/eIo4Rsw33AtsmQr
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2