78cc54b9ec7155a7690d095129938c4a91010760fd92ff29d197ef5822060899 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a6d4f7b65b8667f798d8c3565efc6e0_JaffaCakes118
Size

270KB
Sample

240715-tn54na1gqa
MD5

4a6d4f7b65b8667f798d8c3565efc6e0
SHA1

bd19d56fc8bffbc3ebff4bc62f2f951307438047
SHA256

78cc54b9ec7155a7690d095129938c4a91010760fd92ff29d197ef5822060899
SHA512

e8b5b37bbbfd2d8f8244b53fcd1040bc4921a4618373b90e22bdfd718788bc3738f02a8b27d2ff582ae384f88882e1bc244cf3759ed357167d7da39efbf59299
SSDEEP

6144:21tSQAkCpKTln0kFoaDfvbWlOG3UJHJrH1W7c:2FmkaKfvbjHV1W7c

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  4a6d4f7b65b8667f798d8c3565efc6e0_JaffaCakes118
- Size
  
  270KB
- MD5
  
  4a6d4f7b65b8667f798d8c3565efc6e0
- SHA1
  
  bd19d56fc8bffbc3ebff4bc62f2f951307438047
- SHA256
  
  78cc54b9ec7155a7690d095129938c4a91010760fd92ff29d197ef5822060899
- SHA512
  
  e8b5b37bbbfd2d8f8244b53fcd1040bc4921a4618373b90e22bdfd718788bc3738f02a8b27d2ff582ae384f88882e1bc244cf3759ed357167d7da39efbf59299
- SSDEEP
  
  6144:21tSQAkCpKTln0kFoaDfvbWlOG3UJHJrH1W7c:2FmkaKfvbjHV1W7c
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2