20fb0c6663e04ecc8c7fcb7d0eb6f6ce47f554e058eaf548910a9b554c9ce0df | Triage

Sharing

General

Target

63e775c146b88e23a5bcce673082b335_JaffaCakes118
Size

259KB
Sample

240521-tk987sbc88
MD5

63e775c146b88e23a5bcce673082b335
SHA1

895f0720eb8740e7fc3a059866a5ca60cf05a372
SHA256

20fb0c6663e04ecc8c7fcb7d0eb6f6ce47f554e058eaf548910a9b554c9ce0df
SHA512

d8ebce867bb85ebec887904074e1ab67b8b5e9b8fa1c4790cc313ccf5a3fe2f8fe0407b23e627695b3eefded445fb9b31828fd237842584ffb657ead10cb3225
SSDEEP

6144:p1f3p4J74B9NW1L9yM3OMO6tEjsV+wD8+O7TiVsPJWY:nh4l1L9DJOCuQ+Y3O7TiVQJWY

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  63e775c146b88e23a5bcce673082b335_JaffaCakes118
- Size
  
  259KB
- MD5
  
  63e775c146b88e23a5bcce673082b335
- SHA1
  
  895f0720eb8740e7fc3a059866a5ca60cf05a372
- SHA256
  
  20fb0c6663e04ecc8c7fcb7d0eb6f6ce47f554e058eaf548910a9b554c9ce0df
- SHA512
  
  d8ebce867bb85ebec887904074e1ab67b8b5e9b8fa1c4790cc313ccf5a3fe2f8fe0407b23e627695b3eefded445fb9b31828fd237842584ffb657ead10cb3225
- SSDEEP
  
  6144:p1f3p4J74B9NW1L9yM3OMO6tEjsV+wD8+O7TiVsPJWY:nh4l1L9DJOCuQ+Y3O7TiVQJWY
Score

7^/10

discovery
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2