1095db24d59f6d61ed4d7f954a49a9a357270b96f2b6a0b0795445359e2240d7 | Triage

Sharing

General

Target

eb8210becfa817f0ba3896e5c31d267d_JaffaCakes118
Size

316KB
Sample

240919-rll7natbmn
MD5

eb8210becfa817f0ba3896e5c31d267d
SHA1

58fa568da85043a743b9103971f03bf43bf89bf5
SHA256

1095db24d59f6d61ed4d7f954a49a9a357270b96f2b6a0b0795445359e2240d7
SHA512

819df5fba9577d11b816d44191e78c586bdebca0d293c0a7dc6a6e9374e534cd600d9397557f1144a5284c20b490e84e3fd0df4e21b7d07a0cc81cb44620a22e
SSDEEP

6144:XrsbUzkuvcBYC47l2xRrm6N5hHRACL93wMGOp9Ag19xn+QqbgxSYi8J2Wf:XrxkuveY3IfhKCLiMd4gBhuPkJ2Wf

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  eb8210becfa817f0ba3896e5c31d267d_JaffaCakes118
- Size
  
  316KB
- MD5
  
  eb8210becfa817f0ba3896e5c31d267d
- SHA1
  
  58fa568da85043a743b9103971f03bf43bf89bf5
- SHA256
  
  1095db24d59f6d61ed4d7f954a49a9a357270b96f2b6a0b0795445359e2240d7
- SHA512
  
  819df5fba9577d11b816d44191e78c586bdebca0d293c0a7dc6a6e9374e534cd600d9397557f1144a5284c20b490e84e3fd0df4e21b7d07a0cc81cb44620a22e
- SSDEEP
  
  6144:XrsbUzkuvcBYC47l2xRrm6N5hHRACL93wMGOp9Ag19xn+QqbgxSYi8J2Wf:XrxkuveY3IfhKCLiMd4gBhuPkJ2Wf
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2