00d518bc3b6ad6b7731611fa7ccbca1423eef827e5c3ef0b9ea7a1dce30d6f1d | Triage

Sharing

General

Target

70a08d5f3cb7d39f50b04f28ff3fa7c8_JaffaCakes118
Size

322KB
Sample

240725-we5smsvdnr
MD5

70a08d5f3cb7d39f50b04f28ff3fa7c8
SHA1

23215060bf0bdf499faf664bedd15fd939d018f7
SHA256

00d518bc3b6ad6b7731611fa7ccbca1423eef827e5c3ef0b9ea7a1dce30d6f1d
SHA512

01702b05eebc8bb6b59ffcfd6393ba3bbf728b8e30e3a3edbdde42d5abd946314f9a65a8fff9aeac6345bed9a60d3d3c3abc4986372a5ae23ea7d03dec173d50
SSDEEP

6144:5YswEpkRX4iDMBSZmjIKBIU5yi33ZI0qIMIJy2Y6ztdkblUECxwd:5SEpk14iDmKGI0IqrZIwMx2Y6J6blU5w

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  70a08d5f3cb7d39f50b04f28ff3fa7c8_JaffaCakes118
- Size
  
  322KB
- MD5
  
  70a08d5f3cb7d39f50b04f28ff3fa7c8
- SHA1
  
  23215060bf0bdf499faf664bedd15fd939d018f7
- SHA256
  
  00d518bc3b6ad6b7731611fa7ccbca1423eef827e5c3ef0b9ea7a1dce30d6f1d
- SHA512
  
  01702b05eebc8bb6b59ffcfd6393ba3bbf728b8e30e3a3edbdde42d5abd946314f9a65a8fff9aeac6345bed9a60d3d3c3abc4986372a5ae23ea7d03dec173d50
- SSDEEP
  
  6144:5YswEpkRX4iDMBSZmjIKBIU5yi33ZI0qIMIJy2Y6ztdkblUECxwd:5SEpk14iDmKGI0IqrZIwMx2Y6J6blU5w
Score

7^/10

persistence discovery
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2