050c8c1743ea038f6a8107900ca208b3014c29db9274d98aa00d6679abce7e5c | Triage

Sharing

General

Target

d2795dbf8e04fddc77d55d967ffefbfb_JaffaCakes118
Size

341KB
Sample

240907-v4j2sswajk
MD5

d2795dbf8e04fddc77d55d967ffefbfb
SHA1

92be9d18b7bd1be85d487b0ea6cd1980a35d3bcd
SHA256

050c8c1743ea038f6a8107900ca208b3014c29db9274d98aa00d6679abce7e5c
SHA512

8472c1d1af7698ae09e168bc71155980ef1cce91d7582bca5dfdcad07847d60447ed299f7f301a810ea5e897dce70dac5f1965824c399024f4c6d31cdf7207e0
SSDEEP

6144:ySoP+gkrA8psDJ8QODacML+9qv94mclYgVHPYgTzw5k:ySoBk9icGPekgVlE5k

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d2795dbf8e04fddc77d55d967ffefbfb_JaffaCakes118
- Size
  
  341KB
- MD5
  
  d2795dbf8e04fddc77d55d967ffefbfb
- SHA1
  
  92be9d18b7bd1be85d487b0ea6cd1980a35d3bcd
- SHA256
  
  050c8c1743ea038f6a8107900ca208b3014c29db9274d98aa00d6679abce7e5c
- SHA512
  
  8472c1d1af7698ae09e168bc71155980ef1cce91d7582bca5dfdcad07847d60447ed299f7f301a810ea5e897dce70dac5f1965824c399024f4c6d31cdf7207e0
- SSDEEP
  
  6144:ySoP+gkrA8psDJ8QODacML+9qv94mclYgVHPYgTzw5k:ySoBk9icGPekgVlE5k
Score

7^/10

discovery
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2