515a49e400209c5c4df0ebfde5f8b511b981088298434fa3b08d6e2e63fdbcb8 | Triage

Sharing

General

Target

65bbf1e257aa7b30b4bf9c3a93882052_JaffaCakes118
Size

4.2MB
Sample

240522-c66dpshg52
MD5

65bbf1e257aa7b30b4bf9c3a93882052
SHA1

4166c61efdc97b7599163922ad00b04b80b5b3cf
SHA256

515a49e400209c5c4df0ebfde5f8b511b981088298434fa3b08d6e2e63fdbcb8
SHA512

82e9bfe094f14d7931aadbf94c20fa6e63e8e4bc3099e82a7bb6f413ab3d02bdfe3ce9038208293d03d7f97d92cd180c7aa7214ce7643ceb7af0d35281188306
SSDEEP

98304:RwoRIqXAfJt102DXdmdA+1xgoGKPhNHiEhDCn0U8xF7EeW:PRJXAT102DXdmdA+1xgoGKiUCh0PW

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  65bbf1e257aa7b30b4bf9c3a93882052_JaffaCakes118
- Size
  
  4.2MB
- MD5
  
  65bbf1e257aa7b30b4bf9c3a93882052
- SHA1
  
  4166c61efdc97b7599163922ad00b04b80b5b3cf
- SHA256
  
  515a49e400209c5c4df0ebfde5f8b511b981088298434fa3b08d6e2e63fdbcb8
- SHA512
  
  82e9bfe094f14d7931aadbf94c20fa6e63e8e4bc3099e82a7bb6f413ab3d02bdfe3ce9038208293d03d7f97d92cd180c7aa7214ce7643ceb7af0d35281188306
- SSDEEP
  
  98304:RwoRIqXAfJt102DXdmdA+1xgoGKPhNHiEhDCn0U8xF7EeW:PRJXAT102DXdmdA+1xgoGKiUCh0PW
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2