2b552290b01941c41ec70abc8a5554620286ff923f9b682a5bbb486d04aead32 | Triage

Sharing

General

Target

70b08ec86854cc9e231930761edf5774_JaffaCakes118
Size

718KB
Sample

240725-wtxqkswckk
MD5

70b08ec86854cc9e231930761edf5774
SHA1

091282d7ca19a1b62b9beda72ed8b42f5f231a09
SHA256

2b552290b01941c41ec70abc8a5554620286ff923f9b682a5bbb486d04aead32
SHA512

17a2ae72af203a33637da3d1cdfbb7b35e0a2579ac931260f9c01c58ebe9f9c1cf95afc484aeacf65007748c14f7032f865e6b4bfd6d93d1ff084b01fb6d1351
SSDEEP

6144:AM/in98C/WvBJIzvGO8QC2VqEC8nVG2CPRgLXM+1mq7kycl8dk3LNr6XoRDae8N7:5C98CQnmGl2z+gL8+13gyc6EZou+ATW

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  70b08ec86854cc9e231930761edf5774_JaffaCakes118
- Size
  
  718KB
- MD5
  
  70b08ec86854cc9e231930761edf5774
- SHA1
  
  091282d7ca19a1b62b9beda72ed8b42f5f231a09
- SHA256
  
  2b552290b01941c41ec70abc8a5554620286ff923f9b682a5bbb486d04aead32
- SHA512
  
  17a2ae72af203a33637da3d1cdfbb7b35e0a2579ac931260f9c01c58ebe9f9c1cf95afc484aeacf65007748c14f7032f865e6b4bfd6d93d1ff084b01fb6d1351
- SSDEEP
  
  6144:AM/in98C/WvBJIzvGO8QC2VqEC8nVG2CPRgLXM+1mq7kycl8dk3LNr6XoRDae8N7:5C98CQnmGl2z+gL8+13gyc6EZou+ATW
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Program crash
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2