1364bdd6f4b2c6948ff97d9d981f058f09509a2b1fbb0d79c74c8626ecdf4ca9 | Triage

Sharing

General

Target

7ab85a514f4176077236c0e9d341f7ad_JaffaCakes118
Size

321KB
Sample

240527-15gkysbh9z
MD5

7ab85a514f4176077236c0e9d341f7ad
SHA1

f1988168fed15f8ed3ca0d362a1b89602c878242
SHA256

1364bdd6f4b2c6948ff97d9d981f058f09509a2b1fbb0d79c74c8626ecdf4ca9
SHA512

b423eabc24efe5b4357cefb5b393611c1b95c01a10209537a577ebb7020f17a0907139704f89d10b5cc12afe945b0848ca4e5097e4aca8d1b69a9f6effb3dd24
SSDEEP

6144:UTDKBeSGU3S6Hq4FoZYWEDPCn20OJn6KGuXMF2HCY6NX4fL8Cr:UTWwoCW1F/XCn20o6FuSkv6NXkACr

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  7ab85a514f4176077236c0e9d341f7ad_JaffaCakes118
- Size
  
  321KB
- MD5
  
  7ab85a514f4176077236c0e9d341f7ad
- SHA1
  
  f1988168fed15f8ed3ca0d362a1b89602c878242
- SHA256
  
  1364bdd6f4b2c6948ff97d9d981f058f09509a2b1fbb0d79c74c8626ecdf4ca9
- SHA512
  
  b423eabc24efe5b4357cefb5b393611c1b95c01a10209537a577ebb7020f17a0907139704f89d10b5cc12afe945b0848ca4e5097e4aca8d1b69a9f6effb3dd24
- SSDEEP
  
  6144:UTDKBeSGU3S6Hq4FoZYWEDPCn20OJn6KGuXMF2HCY6NX4fL8Cr:UTWwoCW1F/XCn20o6FuSkv6NXkACr
Score

7^/10

discovery
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2