d220af3cff58c778a088c373b66c9ebd1e7ff79dc5c0dc24896865efcf6a9412 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bdf875442e515647c06ef01892e622d5_JaffaCakes118
Size

314KB
Sample

240824-f4fxtavfpd
MD5

bdf875442e515647c06ef01892e622d5
SHA1

3bd1ed540459d243d879a7d56494cdf9b7a1d8cd
SHA256

d220af3cff58c778a088c373b66c9ebd1e7ff79dc5c0dc24896865efcf6a9412
SHA512

7013ead14fe7a13368c08517f01786756924374a16e912a5daed4dc1c9eb52f4ab51033752f60120be53b68362140486938a4ae93042a30052495009a0db6c0c
SSDEEP

6144:YrAbUzkuvcBYC47l2xn88NEymFTYO67qzVxzRRwi:Yr1kuveY35YO67Wxz7wi

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  bdf875442e515647c06ef01892e622d5_JaffaCakes118
- Size
  
  314KB
- MD5
  
  bdf875442e515647c06ef01892e622d5
- SHA1
  
  3bd1ed540459d243d879a7d56494cdf9b7a1d8cd
- SHA256
  
  d220af3cff58c778a088c373b66c9ebd1e7ff79dc5c0dc24896865efcf6a9412
- SHA512
  
  7013ead14fe7a13368c08517f01786756924374a16e912a5daed4dc1c9eb52f4ab51033752f60120be53b68362140486938a4ae93042a30052495009a0db6c0c
- SSDEEP
  
  6144:YrAbUzkuvcBYC47l2xn88NEymFTYO67qzVxzRRwi:Yr1kuveY35YO67Wxz7wi
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2