15f5f2ea38c609e07fa36609168e5d515735746b879dc348f13a8ab9bb3eb878 | Triage

Sharing

General

Target

69bb1d5130aedfb0f918d8a78a9b3248_JaffaCakes118
Size

320KB
Sample

240523-e6dpssdh5y
MD5

69bb1d5130aedfb0f918d8a78a9b3248
SHA1

dc37da04f2d46bacfa13897e7fabc33637d541be
SHA256

15f5f2ea38c609e07fa36609168e5d515735746b879dc348f13a8ab9bb3eb878
SHA512

73fb7c8f0d70b31d8839b405dc6a4748cbddeb5ca3fa969d79ce841d1a7be824865a92589037e407bbf3895dfdb6642b945570b2c8bee78e79984b07ab721599
SSDEEP

6144:CZrZBiNJ0edrAEI5ohk5Z15H4xvNx55ly/gIf0cD16:CRSZI5NZ3A55KgIscD16

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  69bb1d5130aedfb0f918d8a78a9b3248_JaffaCakes118
- Size
  
  320KB
- MD5
  
  69bb1d5130aedfb0f918d8a78a9b3248
- SHA1
  
  dc37da04f2d46bacfa13897e7fabc33637d541be
- SHA256
  
  15f5f2ea38c609e07fa36609168e5d515735746b879dc348f13a8ab9bb3eb878
- SHA512
  
  73fb7c8f0d70b31d8839b405dc6a4748cbddeb5ca3fa969d79ce841d1a7be824865a92589037e407bbf3895dfdb6642b945570b2c8bee78e79984b07ab721599
- SSDEEP
  
  6144:CZrZBiNJ0edrAEI5ohk5Z15H4xvNx55ly/gIf0cD16:CRSZI5NZ3A55KgIscD16
Score

7^/10

discovery
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2