a2d1c5e464e39868d32b5918c9c44dc995e30e9896c7db4d3436111e2347607a | Triage

Sharing

General

Target

b04647bd0718afd8c11cd417989dbbbd_JaffaCakes118
Size

219KB
Sample

240615-1qq6vazdlr
MD5

b04647bd0718afd8c11cd417989dbbbd
SHA1

e835ca4bf06ff1833a9384c52e0a476a8fc30597
SHA256

a2d1c5e464e39868d32b5918c9c44dc995e30e9896c7db4d3436111e2347607a
SHA512

2f34ba22dfeb6f24edbf9ac3ffd239e4220aa8b8456f7591ae6167f8466e30158dc3b399e481a4fee4750af0ee9b92aa36e29ec776f9a42c0126e6855256fe41
SSDEEP

6144:crOm88KNj9RAOdXemeyf5rUF1+IOT5920L:c6m2NRCO1eyhUX+IOa0L

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b04647bd0718afd8c11cd417989dbbbd_JaffaCakes118
- Size
  
  219KB
- MD5
  
  b04647bd0718afd8c11cd417989dbbbd
- SHA1
  
  e835ca4bf06ff1833a9384c52e0a476a8fc30597
- SHA256
  
  a2d1c5e464e39868d32b5918c9c44dc995e30e9896c7db4d3436111e2347607a
- SHA512
  
  2f34ba22dfeb6f24edbf9ac3ffd239e4220aa8b8456f7591ae6167f8466e30158dc3b399e481a4fee4750af0ee9b92aa36e29ec776f9a42c0126e6855256fe41
- SSDEEP
  
  6144:crOm88KNj9RAOdXemeyf5rUF1+IOT5920L:c6m2NRCO1eyhUX+IOa0L
Score

7^/10

discovery
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2