c5ad39ab0594257ac3c44bc7a58e2ea4cde9bc715294fa2166318216671e438f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c7e1b0010fb52e2e29a081b8b4ec145_JaffaCakes118
Size

119KB
Sample

240510-a1empabg24
MD5

2c7e1b0010fb52e2e29a081b8b4ec145
SHA1

99917e31f0a7b75d6743a1069be7a2c7deef7150
SHA256

c5ad39ab0594257ac3c44bc7a58e2ea4cde9bc715294fa2166318216671e438f
SHA512

45ec6dd184905abce66b9e4401c0152b920afd77a8769e2a8464a31ebb2f8c34575933336c1353dbbb5ae5c39b5d3dbba144fcfda575c225f4ff8c095c89d3f0
SSDEEP

3072:crVMw6TtRU9Au+eNPmgVPOHj1t8aNACKFsGK9/Ckr8sDNKCkCDbA8pKB5e:cxMwat8aNACKFsGc3

Score

6^/10

Malware Config

Targets

- Target
  
  2c7e1b0010fb52e2e29a081b8b4ec145_JaffaCakes118
- Size
  
  119KB
- MD5
  
  2c7e1b0010fb52e2e29a081b8b4ec145
- SHA1
  
  99917e31f0a7b75d6743a1069be7a2c7deef7150
- SHA256
  
  c5ad39ab0594257ac3c44bc7a58e2ea4cde9bc715294fa2166318216671e438f
- SHA512
  
  45ec6dd184905abce66b9e4401c0152b920afd77a8769e2a8464a31ebb2f8c34575933336c1353dbbb5ae5c39b5d3dbba144fcfda575c225f4ff8c095c89d3f0
- SSDEEP
  
  3072:crVMw6TtRU9Au+eNPmgVPOHj1t8aNACKFsGK9/Ckr8sDNKCkCDbA8pKB5e:cxMwat8aNACKFsGc3
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2