6ca2c34a6817fc732c82df086d70c43e0a7cc0cacdb06e18cc7dd7d9a94e150f | Triage

Sharing

General

Target

327edfd9f231471977a57b3227ef0c7e_JaffaCakes118
Size

327KB
Sample

240511-d22emadf74
MD5

327edfd9f231471977a57b3227ef0c7e
SHA1

3c5f352cb6e5f4cc00f76828e3128be2c9738f23
SHA256

6ca2c34a6817fc732c82df086d70c43e0a7cc0cacdb06e18cc7dd7d9a94e150f
SHA512

a0d40297734700bb8268ce064a6447b00e1b7c435512e15606970f80c06e7e882f88c28d58e9af88b6e4fd11d38633c122895064b0a03508cb0ce96f8b2f3739
SSDEEP

6144:Jr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6FY:Jr4iu6/eIo4Rsw33AtsmQ5

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  327edfd9f231471977a57b3227ef0c7e_JaffaCakes118
- Size
  
  327KB
- MD5
  
  327edfd9f231471977a57b3227ef0c7e
- SHA1
  
  3c5f352cb6e5f4cc00f76828e3128be2c9738f23
- SHA256
  
  6ca2c34a6817fc732c82df086d70c43e0a7cc0cacdb06e18cc7dd7d9a94e150f
- SHA512
  
  a0d40297734700bb8268ce064a6447b00e1b7c435512e15606970f80c06e7e882f88c28d58e9af88b6e4fd11d38633c122895064b0a03508cb0ce96f8b2f3739
- SSDEEP
  
  6144:Jr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6FY:Jr4iu6/eIo4Rsw33AtsmQ5
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2