8b6b6075ca27e6b654017dbf087a0fafc5d1dba6fceabe386cd77c1849975fdb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e238b583af49c4c1303cbbb74c948f35_JaffaCakes118
Size

313KB
Sample

240915-l1vjpaxgnc
MD5

e238b583af49c4c1303cbbb74c948f35
SHA1

1fb79add31aa41e4ce5dc3df76612341a30a8571
SHA256

8b6b6075ca27e6b654017dbf087a0fafc5d1dba6fceabe386cd77c1849975fdb
SHA512

10441a815e505683a684d5f0cbef579bdcae1f7a58c89e3fa5c7a4f4f611d72bbbd71141d71b1dbe69242292de365c9d952a490c021ae0a295bdf87a47bd1b0c
SSDEEP

6144:4rb9uEo2S1YnQmCX492DkwNP3qpYFl2YyPuFITzyccux7rnrOzprCoMf:4rRu6/eIo4t3PuFITKUAs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  e238b583af49c4c1303cbbb74c948f35_JaffaCakes118
- Size
  
  313KB
- MD5
  
  e238b583af49c4c1303cbbb74c948f35
- SHA1
  
  1fb79add31aa41e4ce5dc3df76612341a30a8571
- SHA256
  
  8b6b6075ca27e6b654017dbf087a0fafc5d1dba6fceabe386cd77c1849975fdb
- SHA512
  
  10441a815e505683a684d5f0cbef579bdcae1f7a58c89e3fa5c7a4f4f611d72bbbd71141d71b1dbe69242292de365c9d952a490c021ae0a295bdf87a47bd1b0c
- SSDEEP
  
  6144:4rb9uEo2S1YnQmCX492DkwNP3qpYFl2YyPuFITzyccux7rnrOzprCoMf:4rRu6/eIo4t3PuFITKUAs
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2