edd7f9a0cbef373ee8c540082aaba522f1b78fde76626b43905b94bb30679f10 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42a3dac23cdb9a3b84fa9e8b4fa1df37_JaffaCakes118
Size

313KB
Sample

240514-xtqgyacc52
MD5

42a3dac23cdb9a3b84fa9e8b4fa1df37
SHA1

7bcc57f761f4d015013c6fd991a4363ab4cf66cd
SHA256

edd7f9a0cbef373ee8c540082aaba522f1b78fde76626b43905b94bb30679f10
SHA512

326fa72561ee21d6a5cdcbd33b9b621228b52d0092c2a0648d3a10c3688bb4325a2b3383bfdd3ced157ea1b8862212113f177d4bea0e35386c553070152868f7
SSDEEP

6144:YrJ9uEo2S1YnQmCX492DkwNP3qpYFQiY0Z56GICaNRCVEumbcF6ov5d889PgLVDE:Yrfu6/eIo4jVW5soVCcQovoO0DJM+ED

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  42a3dac23cdb9a3b84fa9e8b4fa1df37_JaffaCakes118
- Size
  
  313KB
- MD5
  
  42a3dac23cdb9a3b84fa9e8b4fa1df37
- SHA1
  
  7bcc57f761f4d015013c6fd991a4363ab4cf66cd
- SHA256
  
  edd7f9a0cbef373ee8c540082aaba522f1b78fde76626b43905b94bb30679f10
- SHA512
  
  326fa72561ee21d6a5cdcbd33b9b621228b52d0092c2a0648d3a10c3688bb4325a2b3383bfdd3ced157ea1b8862212113f177d4bea0e35386c553070152868f7
- SSDEEP
  
  6144:YrJ9uEo2S1YnQmCX492DkwNP3qpYFQiY0Z56GICaNRCVEumbcF6ov5d889PgLVDE:Yrfu6/eIo4jVW5soVCcQovoO0DJM+ED
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2