780e2e9cbf7d59abcf58de21bf6031632b73fa58769af359bf1a4834ef13c030 | Triage

Sharing

General

Target

8bd994781a6553b76dc61408f2390dd2_JaffaCakes118
Size

322KB
Sample

240601-1cf4qagb99
MD5

8bd994781a6553b76dc61408f2390dd2
SHA1

af75fc6125e367d8b31e0b9404fb76f2b8f4560e
SHA256

780e2e9cbf7d59abcf58de21bf6031632b73fa58769af359bf1a4834ef13c030
SHA512

7c3aab1927d6aa987824fe80fb82c09b3931321003317ab9b877239095a140f05d965e5027be32d8d8e31461144f1d21b0d6814de89271bd9db0a9405fd2f315
SSDEEP

6144:ArV49uEo2S1YnQmCX492DkwNP3qpYFkKQdF8lgywXW/XK11AVBZ5jhqUnm8xcG:ArVQu6/eIo4qQdF8lEeXK11AZDqUmpG

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  8bd994781a6553b76dc61408f2390dd2_JaffaCakes118
- Size
  
  322KB
- MD5
  
  8bd994781a6553b76dc61408f2390dd2
- SHA1
  
  af75fc6125e367d8b31e0b9404fb76f2b8f4560e
- SHA256
  
  780e2e9cbf7d59abcf58de21bf6031632b73fa58769af359bf1a4834ef13c030
- SHA512
  
  7c3aab1927d6aa987824fe80fb82c09b3931321003317ab9b877239095a140f05d965e5027be32d8d8e31461144f1d21b0d6814de89271bd9db0a9405fd2f315
- SSDEEP
  
  6144:ArV49uEo2S1YnQmCX492DkwNP3qpYFkKQdF8lgywXW/XK11AVBZ5jhqUnm8xcG:ArVQu6/eIo4qQdF8lEeXK11AZDqUmpG
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2