b4095a24e98dff0154860c6867e164aaaf6e39dd16c02829f797187d8b61a540 | Triage

Sharing

General

Target

87b9d4bfe95ca670cc307678e086bcfc_JaffaCakes118
Size

313KB
Sample

240531-vlhq1seg5s
MD5

87b9d4bfe95ca670cc307678e086bcfc
SHA1

dcf0d2c1907c53d56ba948bbc0883f8f4a95334d
SHA256

b4095a24e98dff0154860c6867e164aaaf6e39dd16c02829f797187d8b61a540
SHA512

b3a3c011b15558ce76f3067f6190668e14dd7f9918952f1e2c579f54baa5067053f72aa0c3002f68ddb45a284d24ca419fcb48d188136abc6d8af56541419d2c
SSDEEP

6144:grJ9uEo2S1YnQmCX492DkwNP3qpYFQiY0Z56GICaNRCVEumbcF6ov5d889PgLVDl:grfu6/eIo4jVW5soVCcQovoO0DJM+Eq

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  87b9d4bfe95ca670cc307678e086bcfc_JaffaCakes118
- Size
  
  313KB
- MD5
  
  87b9d4bfe95ca670cc307678e086bcfc
- SHA1
  
  dcf0d2c1907c53d56ba948bbc0883f8f4a95334d
- SHA256
  
  b4095a24e98dff0154860c6867e164aaaf6e39dd16c02829f797187d8b61a540
- SHA512
  
  b3a3c011b15558ce76f3067f6190668e14dd7f9918952f1e2c579f54baa5067053f72aa0c3002f68ddb45a284d24ca419fcb48d188136abc6d8af56541419d2c
- SSDEEP
  
  6144:grJ9uEo2S1YnQmCX492DkwNP3qpYFQiY0Z56GICaNRCVEumbcF6ov5d889PgLVDl:grfu6/eIo4jVW5soVCcQovoO0DJM+Eq
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2