2264c1226978c5f1f4a5d731f2cf4180ebfdece38f01a069917dcf3452e94e04 | Triage

Sharing

General

Target

3ea9e5a1ff0d1348a10edec09f010a55_JaffaCakes118
Size

305KB
Sample

240513-ktb84agb78
MD5

3ea9e5a1ff0d1348a10edec09f010a55
SHA1

2ff1684685bdec1402fed8d700e51b5be6d7b12a
SHA256

2264c1226978c5f1f4a5d731f2cf4180ebfdece38f01a069917dcf3452e94e04
SHA512

35114aa4675e9cb73cc831097747a8c67c5618fa1e1275d7da962410cf36c6de40573e345a120962ab8ef778092c0b35725abd83529e94fca1cec1f34e70eb60
SSDEEP

6144:Irkx9uEo2S1YnQmCX492DkwNP3qpYFkXdlP5IO5/OoCVHuy6SHZ86riVZkiizB:IrkHu6/eIo4RXdrIO5/OpVHd6Ky6rizY

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3ea9e5a1ff0d1348a10edec09f010a55_JaffaCakes118
- Size
  
  305KB
- MD5
  
  3ea9e5a1ff0d1348a10edec09f010a55
- SHA1
  
  2ff1684685bdec1402fed8d700e51b5be6d7b12a
- SHA256
  
  2264c1226978c5f1f4a5d731f2cf4180ebfdece38f01a069917dcf3452e94e04
- SHA512
  
  35114aa4675e9cb73cc831097747a8c67c5618fa1e1275d7da962410cf36c6de40573e345a120962ab8ef778092c0b35725abd83529e94fca1cec1f34e70eb60
- SSDEEP
  
  6144:Irkx9uEo2S1YnQmCX492DkwNP3qpYFkXdlP5IO5/OoCVHuy6SHZ86riVZkiizB:IrkHu6/eIo4RXdrIO5/OpVHd6Ky6rizY
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2