ea446a8e10d38a0e187a2b3a75b76204ad8fae68cb8950647987291858f763dc | Triage

Sharing

General

Target

a2eabb2ea0ea1d0694b8a913d0767018_JaffaCakes118
Size

72KB
Sample

240817-rvwgpazhja
MD5

a2eabb2ea0ea1d0694b8a913d0767018
SHA1

5ebd76e41c555c6032a2cdd35da2e77db963e5f6
SHA256

ea446a8e10d38a0e187a2b3a75b76204ad8fae68cb8950647987291858f763dc
SHA512

d0e892eb12551132963e427131df1a128cc2a7ecffda63a024f5bd4d6c7edd5f180ff8e75db32dcdd8fafcdfc7112a73b6fc791a5da4a586a069e6a45ea3320e
SSDEEP

768:rpQNwC3BEc4QEfu0Ei8XxNDINE3BEJwRrCb:teThavEjDWguKCb

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  a2eabb2ea0ea1d0694b8a913d0767018_JaffaCakes118
- Size
  
  72KB
- MD5
  
  a2eabb2ea0ea1d0694b8a913d0767018
- SHA1
  
  5ebd76e41c555c6032a2cdd35da2e77db963e5f6
- SHA256
  
  ea446a8e10d38a0e187a2b3a75b76204ad8fae68cb8950647987291858f763dc
- SHA512
  
  d0e892eb12551132963e427131df1a128cc2a7ecffda63a024f5bd4d6c7edd5f180ff8e75db32dcdd8fafcdfc7112a73b6fc791a5da4a586a069e6a45ea3320e
- SSDEEP
  
  768:rpQNwC3BEc4QEfu0Ei8XxNDINE3BEJwRrCb:teThavEjDWguKCb
Score

10^/10

discovery evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Network Share Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Time Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion