114a9d34b457863afde76a83c009b635957fc866a5937d846f43fe011c6b8b1b | Triage

Sharing

General

Target

6a16214775a6cb260aa0a5703cf4cd22_JaffaCakes118
Size

321KB
Sample

240523-hk6p8sgg2w
MD5

6a16214775a6cb260aa0a5703cf4cd22
SHA1

62ae409400455194a86b22e3297abade0d3edbb7
SHA256

114a9d34b457863afde76a83c009b635957fc866a5937d846f43fe011c6b8b1b
SHA512

c7bb7ed15012c7e1c991cb1d7a587b8016c3b638dbcf0060e53d342a5f2bfbd16f2686058ef5f233583b6cf29303800883498206f75d89b2d5fc0b2c686acab9
SSDEEP

6144:cfO3lkXCRHzSZpt1k8PJp4LpceET01xjtPOC8YLyXR2:N3lk6WZPJmLpceET0bRPOC8Y42

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  6a16214775a6cb260aa0a5703cf4cd22_JaffaCakes118
- Size
  
  321KB
- MD5
  
  6a16214775a6cb260aa0a5703cf4cd22
- SHA1
  
  62ae409400455194a86b22e3297abade0d3edbb7
- SHA256
  
  114a9d34b457863afde76a83c009b635957fc866a5937d846f43fe011c6b8b1b
- SHA512
  
  c7bb7ed15012c7e1c991cb1d7a587b8016c3b638dbcf0060e53d342a5f2bfbd16f2686058ef5f233583b6cf29303800883498206f75d89b2d5fc0b2c686acab9
- SSDEEP
  
  6144:cfO3lkXCRHzSZpt1k8PJp4LpceET01xjtPOC8YLyXR2:N3lk6WZPJmLpceET0bRPOC8Y42
Score

7^/10

discovery
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2