58cd686948a692f06f689077ad3c79f4ca0c647c5a2fb981a15777b1ba1f8289 | Triage

Sharing

General

Target

6a12a6cbf14be1313ce17b8ec26cb7c8_JaffaCakes118
Size

327KB
Sample

240523-hgpybagf4t
MD5

6a12a6cbf14be1313ce17b8ec26cb7c8
SHA1

564f22754844340217bba24d5c5235407802f1ec
SHA256

58cd686948a692f06f689077ad3c79f4ca0c647c5a2fb981a15777b1ba1f8289
SHA512

6239b57b1166f1bff96fd294f54ba463d5283d0bac3a9d1b03342c2e7412a8c7f29993f433a2c16326247b5e1a479c7af8887a350b32dd943b054ffd55f258ba
SSDEEP

6144:Br469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6FB:Br4iu6/eIo4Rsw33AtsmQU

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  6a12a6cbf14be1313ce17b8ec26cb7c8_JaffaCakes118
- Size
  
  327KB
- MD5
  
  6a12a6cbf14be1313ce17b8ec26cb7c8
- SHA1
  
  564f22754844340217bba24d5c5235407802f1ec
- SHA256
  
  58cd686948a692f06f689077ad3c79f4ca0c647c5a2fb981a15777b1ba1f8289
- SHA512
  
  6239b57b1166f1bff96fd294f54ba463d5283d0bac3a9d1b03342c2e7412a8c7f29993f433a2c16326247b5e1a479c7af8887a350b32dd943b054ffd55f258ba
- SSDEEP
  
  6144:Br469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6FB:Br4iu6/eIo4Rsw33AtsmQU
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2