0502c25cdf49f30858297c60e3a42ddbdc09e0b3a03aa14799407ea6f7d79f37 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f0c1470334ecb7dd85e4a3dac7156fdd_JaffaCakes118
Size

589KB
Sample

240921-2lv5nsyakc
MD5

f0c1470334ecb7dd85e4a3dac7156fdd
SHA1

62bc283d421699c815b761c4c261d359e02dda11
SHA256

0502c25cdf49f30858297c60e3a42ddbdc09e0b3a03aa14799407ea6f7d79f37
SHA512

0381980226db9b231415949884cf0e77a15b0b174e68f39af542f8d82082037695dd22a9b0bbd5ae8d136908f585ce2060d1f8edca0a0bb86f3fb5d840ae0a04
SSDEEP

12288:S2KvgHgC2970kAMHJmhxI7w7vEBPsRuvEH2ZVLRvRpnQOEP1/:S2KYA777A1he2vCyWDlrQP1

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  f0c1470334ecb7dd85e4a3dac7156fdd_JaffaCakes118
- Size
  
  589KB
- MD5
  
  f0c1470334ecb7dd85e4a3dac7156fdd
- SHA1
  
  62bc283d421699c815b761c4c261d359e02dda11
- SHA256
  
  0502c25cdf49f30858297c60e3a42ddbdc09e0b3a03aa14799407ea6f7d79f37
- SHA512
  
  0381980226db9b231415949884cf0e77a15b0b174e68f39af542f8d82082037695dd22a9b0bbd5ae8d136908f585ce2060d1f8edca0a0bb86f3fb5d840ae0a04
- SSDEEP
  
  12288:S2KvgHgC2970kAMHJmhxI7w7vEBPsRuvEH2ZVLRvRpnQOEP1/:S2KYA777A1he2vCyWDlrQP1
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/D1958.dll
- Size
  
  14KB
- MD5
  
  904beebec2790ee2ca0c90fc448ac7e0
- SHA1
  
  40fabf1eb0a3b7168351c4514c5288216cb1566d
- SHA256
  
  f730d9385bf72eac5d579bcf1f7e4330f1d239ca1054d4ead48e9e363d9f4222
- SHA512
  
  8bdbbaaf73e396cf9fd9866b3e824b7e70c59a2bdefdb3236387e60d0e645d011265fe79fb193f6c0d6abe2e9c01260720c71cd8f068fcc4624760511c54efaa
- SSDEEP
  
  192:apY9VuCnNCbs8dNyHdrvr5T1KEtx/9ehuhiDTUkSv/DxRyeHk51I7n13Xm:aptMNUjyVvGWxauhiDDS3DnyK7nF
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/setup1.exe
- Size
  
  535KB
- MD5
  
  f35daaafd00bdaf32183c6e2cf1e5c6c
- SHA1
  
  3d56c3f85f326184ba81864224e13ed31fd1a66e
- SHA256
  
  68b0d789393a04fe552d0669a39754d5b1dc5dfd856777b65775ea61d3c21860
- SHA512
  
  2cca8cc9f56ee1ecb7245fed8fe8877cb38230347dc14898ac33bf62747c11bb0ab4339af5cc64c92a710bb9262cf5637f881bd72162ac4585af8cb7f614e69e
- SSDEEP
  
  12288:Rx24fxoaMNyONiFI65cvyRCTivxAQxskbsENFigKk8RmlbezT04AL:RRxoaZoiFfXJvxvxskhNFil1mkzT1AL
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6