95b72df5c9890ff2d152df8bd5fce1bfc1b07aca4e487313ab326633c44855e2 | Triage

Sharing

General

Target

68819dcb741422339ae6e5c34ce828d8_JaffaCakes118
Size

313KB
Sample

240522-y6cmaafd23
MD5

68819dcb741422339ae6e5c34ce828d8
SHA1

cfc696abb4f5d8a61d74b237a4de1ee9bb38ec45
SHA256

95b72df5c9890ff2d152df8bd5fce1bfc1b07aca4e487313ab326633c44855e2
SHA512

c703f52e79b553d01bdad1e5e3728dfd90068ca9cafeea3acfecfaa4cb05318159254c81d112e7c38c6d969501106bfa4234dec8f434a50d8b200c64451ad7c2
SSDEEP

6144:wrJ9uEo2S1YnQmCX492DkwNP3qpYFQiY0Z56GICaNRCVEumbcF6ov5d889PgLVDz:wrfu6/eIo4jVW5soVCcQovoO0DJM+EE

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  68819dcb741422339ae6e5c34ce828d8_JaffaCakes118
- Size
  
  313KB
- MD5
  
  68819dcb741422339ae6e5c34ce828d8
- SHA1
  
  cfc696abb4f5d8a61d74b237a4de1ee9bb38ec45
- SHA256
  
  95b72df5c9890ff2d152df8bd5fce1bfc1b07aca4e487313ab326633c44855e2
- SHA512
  
  c703f52e79b553d01bdad1e5e3728dfd90068ca9cafeea3acfecfaa4cb05318159254c81d112e7c38c6d969501106bfa4234dec8f434a50d8b200c64451ad7c2
- SSDEEP
  
  6144:wrJ9uEo2S1YnQmCX492DkwNP3qpYFQiY0Z56GICaNRCVEumbcF6ov5d889PgLVDz:wrfu6/eIo4jVW5soVCcQovoO0DJM+EE
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2