3b89c0398f3ff27ab94ef8ee00222a26452771ef5a3ad19c9165c11be5dee46b | Triage

Sharing

General

Target

612fbe90dc8eb6ed653525d1bb831f1d_JaffaCakes118
Size

258KB
Sample

240520-2qn7xsag7y
MD5

612fbe90dc8eb6ed653525d1bb831f1d
SHA1

be8e8f795144d6dad3375ef7f9765a04000950f1
SHA256

3b89c0398f3ff27ab94ef8ee00222a26452771ef5a3ad19c9165c11be5dee46b
SHA512

c4876d328f67efd3e29f378422dc1c8f2ac41086228cf95d7f1b6d7143b8b51253318869aea7c4ac2240c21c34f273c6b56a112daf666a09823901116f66627c
SSDEEP

3072:zeaVr5gHqfrbmKPduWl22nimED8s1pqxt3YHADsobZph50FBRXDplTfyuURWIodS:Jr6HKbx9l2l1pqvYgwobZERHfEYhRFzg

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  612fbe90dc8eb6ed653525d1bb831f1d_JaffaCakes118
- Size
  
  258KB
- MD5
  
  612fbe90dc8eb6ed653525d1bb831f1d
- SHA1
  
  be8e8f795144d6dad3375ef7f9765a04000950f1
- SHA256
  
  3b89c0398f3ff27ab94ef8ee00222a26452771ef5a3ad19c9165c11be5dee46b
- SHA512
  
  c4876d328f67efd3e29f378422dc1c8f2ac41086228cf95d7f1b6d7143b8b51253318869aea7c4ac2240c21c34f273c6b56a112daf666a09823901116f66627c
- SSDEEP
  
  3072:zeaVr5gHqfrbmKPduWl22nimED8s1pqxt3YHADsobZph50FBRXDplTfyuURWIodS:Jr6HKbx9l2l1pqvYgwobZERHfEYhRFzg
Score

7^/10

discovery
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2