87a4d6a46713a52c343deff311c0bf3209b3c1e051357100a686fc036b5e1ac4 | Triage

Sharing

General

Target

a1d05b81f9dfab937c1db86773780558_JaffaCakes118
Size

269KB
Sample

240817-j78zjswcng
MD5

a1d05b81f9dfab937c1db86773780558
SHA1

cad886f1bdf1b9acb6ab47c6519a65292ab84d12
SHA256

87a4d6a46713a52c343deff311c0bf3209b3c1e051357100a686fc036b5e1ac4
SHA512

b86b63df3440612da77d42833ee35a894fb9d3e94b13ec5c2d900951ddbceeeb5053fe28ea454cb4b30dd1f32a486d48c479cf27f519c3d50d08f1cf2f64512f
SSDEEP

6144:QfGIxXCNTAtHPKQwPPQxpIl+GvCrgsADwS01+b0:sMKEHQwvCrgft08b0

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  a1d05b81f9dfab937c1db86773780558_JaffaCakes118
- Size
  
  269KB
- MD5
  
  a1d05b81f9dfab937c1db86773780558
- SHA1
  
  cad886f1bdf1b9acb6ab47c6519a65292ab84d12
- SHA256
  
  87a4d6a46713a52c343deff311c0bf3209b3c1e051357100a686fc036b5e1ac4
- SHA512
  
  b86b63df3440612da77d42833ee35a894fb9d3e94b13ec5c2d900951ddbceeeb5053fe28ea454cb4b30dd1f32a486d48c479cf27f519c3d50d08f1cf2f64512f
- SSDEEP
  
  6144:QfGIxXCNTAtHPKQwPPQxpIl+GvCrgsADwS01+b0:sMKEHQwvCrgft08b0
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2