77ba04076cc2222a8bd10d0fdf9fd5de4b820156db7682c874849fb2f9a90e71 | Triage

Sharing

General

Target

bbf1bc853571f5cfbb8931f167785a8b_JaffaCakes118
Size

11.1MB
Sample

240823-qvnleaxajh
MD5

bbf1bc853571f5cfbb8931f167785a8b
SHA1

4564af0dbef8275a3d85d26bee4775f83ab22686
SHA256

77ba04076cc2222a8bd10d0fdf9fd5de4b820156db7682c874849fb2f9a90e71
SHA512

8d74511618ecd1d32799c5e5638635eea9eb52ca05d4b8628952e83c064a29112b6fdf1ca25d6c70a4dfafe6e8c6a20a450967e0bee19b72f8ff0ce0084c69ad
SSDEEP

98304:oaErgnCM0UAmrNBBBBBBBFBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB3:oOnCMamvzF

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  bbf1bc853571f5cfbb8931f167785a8b_JaffaCakes118
- Size
  
  11.1MB
- MD5
  
  bbf1bc853571f5cfbb8931f167785a8b
- SHA1
  
  4564af0dbef8275a3d85d26bee4775f83ab22686
- SHA256
  
  77ba04076cc2222a8bd10d0fdf9fd5de4b820156db7682c874849fb2f9a90e71
- SHA512
  
  8d74511618ecd1d32799c5e5638635eea9eb52ca05d4b8628952e83c064a29112b6fdf1ca25d6c70a4dfafe6e8c6a20a450967e0bee19b72f8ff0ce0084c69ad
- SSDEEP
  
  98304:oaErgnCM0UAmrNBBBBBBBFBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB3:oOnCMamvzF
Score

10^/10

discovery evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Disables Task Manager via registry modification
  evasion
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion