58a33e79b13ea7eb1dc56dfeb332be884b7d2b983e5036ca4d0ed02446724a5f | Triage

Sharing

General

Target

c2ac31f0b6bb6c1cadd03869101b505a_JaffaCakes118
Size

944KB
Sample

240826-kwpxzaxclq
MD5

c2ac31f0b6bb6c1cadd03869101b505a
SHA1

b1b608692b76fa57ee506082baf70ec21855e29c
SHA256

58a33e79b13ea7eb1dc56dfeb332be884b7d2b983e5036ca4d0ed02446724a5f
SHA512

d7b8309bc760a37f97dcea45c0e29196241038bda1f65d59fb5fe1937cdf0cb8c1fb19e43d3a1ffd6fc79ee885c0394e30264443beac4d8f5a7d8bb58ca6a0ba
SSDEEP

12288:1sZgmDZ77GJTnW0vcV6NTmiqVo9zPd3M1YiFeXZa7ZaKZVZMd/ZAfvN0:1agcGRnW0vhUiqVo9zPd3+Yigau

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  c2ac31f0b6bb6c1cadd03869101b505a_JaffaCakes118
- Size
  
  944KB
- MD5
  
  c2ac31f0b6bb6c1cadd03869101b505a
- SHA1
  
  b1b608692b76fa57ee506082baf70ec21855e29c
- SHA256
  
  58a33e79b13ea7eb1dc56dfeb332be884b7d2b983e5036ca4d0ed02446724a5f
- SHA512
  
  d7b8309bc760a37f97dcea45c0e29196241038bda1f65d59fb5fe1937cdf0cb8c1fb19e43d3a1ffd6fc79ee885c0394e30264443beac4d8f5a7d8bb58ca6a0ba
- SSDEEP
  
  12288:1sZgmDZ77GJTnW0vcV6NTmiqVo9zPd3M1YiFeXZa7ZaKZVZMd/ZAfvN0:1agcGRnW0vhUiqVo9zPd3+Yigau
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2