8aaf8addf71d82ec1c4e61f4aa2a3d22973114f75910e82a3b8f01f01339f6de | Triage

Sharing

General

Target

cffdf375c92a5b9ae4182065a9cc3dbf_JaffaCakes118
Size

304KB
Sample

240906-t8vtesxfkc
MD5

cffdf375c92a5b9ae4182065a9cc3dbf
SHA1

13ef3aa74b6f2813a6f019c602f5e507e4ea4e77
SHA256

8aaf8addf71d82ec1c4e61f4aa2a3d22973114f75910e82a3b8f01f01339f6de
SHA512

01fad1781963e347844fa5713277203269fb33583a194fcd915b27a6422dcb30a3187914814a367c25e0ae2becfd7eb3a1b46119e57d2396dcb5ea1ea0bc261e
SSDEEP

6144:NrkW9uEo2S1YnQmCX492DkwNP3qpYF4AqqWb+qR9h+uqkNfoM6YV5TmNa1a3SyPo:Nrkuu6/eIo4tQW62T+uTwM6YVxm24o

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  cffdf375c92a5b9ae4182065a9cc3dbf_JaffaCakes118
- Size
  
  304KB
- MD5
  
  cffdf375c92a5b9ae4182065a9cc3dbf
- SHA1
  
  13ef3aa74b6f2813a6f019c602f5e507e4ea4e77
- SHA256
  
  8aaf8addf71d82ec1c4e61f4aa2a3d22973114f75910e82a3b8f01f01339f6de
- SHA512
  
  01fad1781963e347844fa5713277203269fb33583a194fcd915b27a6422dcb30a3187914814a367c25e0ae2becfd7eb3a1b46119e57d2396dcb5ea1ea0bc261e
- SSDEEP
  
  6144:NrkW9uEo2S1YnQmCX492DkwNP3qpYF4AqqWb+qR9h+uqkNfoM6YV5TmNa1a3SyPo:Nrkuu6/eIo4tQW62T+uTwM6YVxm24o
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2