5419c3c3738a5d197893dca193601ccaf0eb6198fefeaec34c263780a339602b | Triage

Sharing

General

Target

9fd925104e72d1967ccb79fbb27b278d_JaffaCakes118
Size

6.9MB
Sample

240612-hygy2atepf
MD5

9fd925104e72d1967ccb79fbb27b278d
SHA1

12c16592711167eda3c1fa4a2f0302df1ac974c8
SHA256

5419c3c3738a5d197893dca193601ccaf0eb6198fefeaec34c263780a339602b
SHA512

1fa02b46b57a7435412a0a8c05da8a17a04b39589c437a892acfee9659931b9e9fc096221bada268994d5b8a9e7f49deadeddc75ef1e658ffe9ff39e4f25a694
SSDEEP

196608:blBaxrjNXO6VCwtMrRUV7KPovBQFNuJcFttlzZY:xU5XnCRssUQFgJcPZY

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  sample
- Size
  
  46.6MB
- MD5
  
  6786f27c9558db89f94917e7846bdfa9
- SHA1
  
  f9dd7ed3eb6508bb3dda12a8d6a9bf0604c12c80
- SHA256
  
  151791fe4ab09c2611ecd4a6543fb62bbb8336853a5769827954ef6354d70f43
- SHA512
  
  06f65a18edb5b841cae84c3dd488f3e2e337fd73c194626c2f498628432d19ceda9d33139794a40f06d5bdac82bf2158954fd565e9597e1b6dd3e3bedc3ecf01
- SSDEEP
  
  196608:5Jwa6efw7kjueNqGLWlByaWjIu4pNMewsyhOoytlBzFoaK+qlJKDBeY:7r6efNueNqm34pNmER7oaK+qlJKDBe
Score

6^/10

persistence
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2