78c6a86977b242a9cc8f4349ffd769027f8635cbf2a5590aa0297ca09a8b9be2 | Triage

Sharing

General

Target

690a0d725165aa2196c7124f9b19b299_JaffaCakes118
Size

327KB
Sample

240522-3rns8adf3t
MD5

690a0d725165aa2196c7124f9b19b299
SHA1

20665ef72a7b5a5c6ac4eec778660c43040651ee
SHA256

78c6a86977b242a9cc8f4349ffd769027f8635cbf2a5590aa0297ca09a8b9be2
SHA512

fefb68b3ae8d2a8c93b5088a0ec843da1d4a35e25a24ed70640c84c63f650b54e673eb6ce2a8a9acc2b8a1e388e4fd270d8890e986ad8b0cc9a66ce75fb89ece
SSDEEP

6144:Zr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6FP:Zr4iu6/eIo4Rsw33AtsmQa

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  690a0d725165aa2196c7124f9b19b299_JaffaCakes118
- Size
  
  327KB
- MD5
  
  690a0d725165aa2196c7124f9b19b299
- SHA1
  
  20665ef72a7b5a5c6ac4eec778660c43040651ee
- SHA256
  
  78c6a86977b242a9cc8f4349ffd769027f8635cbf2a5590aa0297ca09a8b9be2
- SHA512
  
  fefb68b3ae8d2a8c93b5088a0ec843da1d4a35e25a24ed70640c84c63f650b54e673eb6ce2a8a9acc2b8a1e388e4fd270d8890e986ad8b0cc9a66ce75fb89ece
- SSDEEP
  
  6144:Zr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6FP:Zr4iu6/eIo4Rsw33AtsmQa
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2