05e5473e10797f096366a96c26388734692c2463682381ed6faed016f017a272 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae901f0dd81e1ca92cb8958347a39602_JaffaCakes118
Size

257KB
Sample

240615-qdel6s1hjf
MD5

ae901f0dd81e1ca92cb8958347a39602
SHA1

5f140c1acd034b289f3b1ad372e666be0871cd08
SHA256

05e5473e10797f096366a96c26388734692c2463682381ed6faed016f017a272
SHA512

4bb41bc201dfa357a1ba3fd3c545885b7193f0f8ee95cc27b15bc2a971922526249ffce3bb15fa57669e8ed12a042ef4ab8e0303e1e45dbfc1e2472646efea4c
SSDEEP

6144:luon0sAuu6ijxfibTzTD5DB4UrZCelY8gqCn:lwsK6bDDtHrw58gqCn

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ae901f0dd81e1ca92cb8958347a39602_JaffaCakes118
- Size
  
  257KB
- MD5
  
  ae901f0dd81e1ca92cb8958347a39602
- SHA1
  
  5f140c1acd034b289f3b1ad372e666be0871cd08
- SHA256
  
  05e5473e10797f096366a96c26388734692c2463682381ed6faed016f017a272
- SHA512
  
  4bb41bc201dfa357a1ba3fd3c545885b7193f0f8ee95cc27b15bc2a971922526249ffce3bb15fa57669e8ed12a042ef4ab8e0303e1e45dbfc1e2472646efea4c
- SSDEEP
  
  6144:luon0sAuu6ijxfibTzTD5DB4UrZCelY8gqCn:lwsK6bDDtHrw58gqCn
Score

7^/10

discovery
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2