146bd3c624b0ff7ef26038d40083a4f6000ea1a21356557dd5094633ab0fa089 | Triage

Sharing

General

Target

adb989cdc8bd1e14ac26e05644bf18fd_JaffaCakes118
Size

255KB
Sample

240615-k9drvsvfre
MD5

adb989cdc8bd1e14ac26e05644bf18fd
SHA1

f8737af5076c6d8363e604b1f2b29f40586b50f6
SHA256

146bd3c624b0ff7ef26038d40083a4f6000ea1a21356557dd5094633ab0fa089
SHA512

00d8f51d126096b8cccd8572a0285a1ed41c7303655eb868d200169eb2136edc4602feec0ed7a5d1fcd59b5ba3bc440c369ed5090f6e8c23f2018d70b96c068c
SSDEEP

6144:fT5AZH+aXqrxhVA10GBeXAWWMjB22yIzep+sM:fti+c6GBOLxjPzeAsM

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  adb989cdc8bd1e14ac26e05644bf18fd_JaffaCakes118
- Size
  
  255KB
- MD5
  
  adb989cdc8bd1e14ac26e05644bf18fd
- SHA1
  
  f8737af5076c6d8363e604b1f2b29f40586b50f6
- SHA256
  
  146bd3c624b0ff7ef26038d40083a4f6000ea1a21356557dd5094633ab0fa089
- SHA512
  
  00d8f51d126096b8cccd8572a0285a1ed41c7303655eb868d200169eb2136edc4602feec0ed7a5d1fcd59b5ba3bc440c369ed5090f6e8c23f2018d70b96c068c
- SSDEEP
  
  6144:fT5AZH+aXqrxhVA10GBeXAWWMjB22yIzep+sM:fti+c6GBOLxjPzeAsM
Score

7^/10

discovery
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2