0ffb0472e128effd28efe4e919d91b3c757e2791947303a35c91db6ca224833f | Triage

Sharing

General

Target

2a8e773ee34f963d12f036504e259512_JaffaCakes118
Size

92KB
Sample

240708-b6vfrsyfma
MD5

2a8e773ee34f963d12f036504e259512
SHA1

754bca1b855e7075c95e452eac5c8b378f7825a1
SHA256

0ffb0472e128effd28efe4e919d91b3c757e2791947303a35c91db6ca224833f
SHA512

110f1deaa55ac72bddaf765d5a4c6864a19339e811b4cf8e28bc3d925b08269dd57f7d4c3dc79580ab17489747945163e390780ed63d11c30c2b8aa17da45c4d
SSDEEP

768:gU6PpQ5gcBC0PUw4tQLNB7kQlpuGs2jgzQzTGfl:96P+BE0PP4tQL37k4piQgzQY

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  2a8e773ee34f963d12f036504e259512_JaffaCakes118
- Size
  
  92KB
- MD5
  
  2a8e773ee34f963d12f036504e259512
- SHA1
  
  754bca1b855e7075c95e452eac5c8b378f7825a1
- SHA256
  
  0ffb0472e128effd28efe4e919d91b3c757e2791947303a35c91db6ca224833f
- SHA512
  
  110f1deaa55ac72bddaf765d5a4c6864a19339e811b4cf8e28bc3d925b08269dd57f7d4c3dc79580ab17489747945163e390780ed63d11c30c2b8aa17da45c4d
- SSDEEP
  
  768:gU6PpQ5gcBC0PUw4tQLNB7kQlpuGs2jgzQzTGfl:96P+BE0PP4tQL37k4piQgzQY
Score

10^/10

evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2