26d86420f106e24f891a4d9a9b8bb7e515c3f8684474b931d4cd1909cd3a25a0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84b0c3e89d3994fa4b8aca8369f01d16_JaffaCakes118
Size

72KB
Sample

240810-eccweavapn
MD5

84b0c3e89d3994fa4b8aca8369f01d16
SHA1

911a9401a8b6f1de68cbc36d7e2ab6a98da7d2cd
SHA256

26d86420f106e24f891a4d9a9b8bb7e515c3f8684474b931d4cd1909cd3a25a0
SHA512

a9fdb836f6800fd8ebbc97e67b89adee59dd4378489767db349f810617f437af4f9b0e3318cb2e2406258746c9999bb62a9436090c3ff1c26625638acc197376
SSDEEP

768:rpQNwC3BEc4QEfu0Ei8XxNDINE3BEJwRrC9:teThavEjDWguKC9

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  84b0c3e89d3994fa4b8aca8369f01d16_JaffaCakes118
- Size
  
  72KB
- MD5
  
  84b0c3e89d3994fa4b8aca8369f01d16
- SHA1
  
  911a9401a8b6f1de68cbc36d7e2ab6a98da7d2cd
- SHA256
  
  26d86420f106e24f891a4d9a9b8bb7e515c3f8684474b931d4cd1909cd3a25a0
- SHA512
  
  a9fdb836f6800fd8ebbc97e67b89adee59dd4378489767db349f810617f437af4f9b0e3318cb2e2406258746c9999bb62a9436090c3ff1c26625638acc197376
- SSDEEP
  
  768:rpQNwC3BEc4QEfu0Ei8XxNDINE3BEJwRrC9:teThavEjDWguKC9
Score

10^/10

discovery evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Network Share Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion