7b964ddebfd5d42e5e698c0e840988d2d9d93b004f94ea109d691896d3826905 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7a8eb17691a41ee70d5f8e11f1c25b0d_JaffaCakes118
Size

326KB
Sample

240527-z5crbsbe23
MD5

7a8eb17691a41ee70d5f8e11f1c25b0d
SHA1

6c26026affedcfade9a3fba174ee5a0a48e1dbd5
SHA256

7b964ddebfd5d42e5e698c0e840988d2d9d93b004f94ea109d691896d3826905
SHA512

66b47dcb554670997556b9d083d9f9c086722aa43f08c3a8d1bf30e55321d4bec988a2b0fc377d44f7b8ce0f1ec599d90f64c7606eb8833a8587a7d35305086a
SSDEEP

6144:Cr4I9uEo2S1YnQmCX492DkwNP3qpYFuT9U1FZA5MRwxuhhfch6clgI:Cr4gu6/eIo4nULZKMRwxuPfk6w

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  7a8eb17691a41ee70d5f8e11f1c25b0d_JaffaCakes118
- Size
  
  326KB
- MD5
  
  7a8eb17691a41ee70d5f8e11f1c25b0d
- SHA1
  
  6c26026affedcfade9a3fba174ee5a0a48e1dbd5
- SHA256
  
  7b964ddebfd5d42e5e698c0e840988d2d9d93b004f94ea109d691896d3826905
- SHA512
  
  66b47dcb554670997556b9d083d9f9c086722aa43f08c3a8d1bf30e55321d4bec988a2b0fc377d44f7b8ce0f1ec599d90f64c7606eb8833a8587a7d35305086a
- SSDEEP
  
  6144:Cr4I9uEo2S1YnQmCX492DkwNP3qpYFuT9U1FZA5MRwxuhhfch6clgI:Cr4gu6/eIo4nULZKMRwxuPfk6w
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2