16873d5b6fb98968f6c1c3a59958767a1e81b1f9502e5ae6f63c0b23c7f3415a | Triage

Sharing

General

Target

f70ed443b0e0608d1adf48e194bfb13d_JaffaCakes118
Size

257KB
Sample

240925-3cg25atcrp
MD5

f70ed443b0e0608d1adf48e194bfb13d
SHA1

7f79efaf92644ffc48516fb4d16dec380aaebda6
SHA256

16873d5b6fb98968f6c1c3a59958767a1e81b1f9502e5ae6f63c0b23c7f3415a
SHA512

ffe442c58e489bf733ffc30023fc400716e69f961ff00818e4122ba6a47a422e4b050027409b02195784f7bc40c40763ffdc470d945643775bd3b26bd7bc6ba1
SSDEEP

3072:egkU2d7abR7pL5T0QkcNMMrJitvUVpRxHPmSMn1u8BLaRxJOARGFBxS:ZkU2d2JpzNMM4tcXRx9MnUjjGFBxS

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  f70ed443b0e0608d1adf48e194bfb13d_JaffaCakes118
- Size
  
  257KB
- MD5
  
  f70ed443b0e0608d1adf48e194bfb13d
- SHA1
  
  7f79efaf92644ffc48516fb4d16dec380aaebda6
- SHA256
  
  16873d5b6fb98968f6c1c3a59958767a1e81b1f9502e5ae6f63c0b23c7f3415a
- SHA512
  
  ffe442c58e489bf733ffc30023fc400716e69f961ff00818e4122ba6a47a422e4b050027409b02195784f7bc40c40763ffdc470d945643775bd3b26bd7bc6ba1
- SSDEEP
  
  3072:egkU2d7abR7pL5T0QkcNMMrJitvUVpRxHPmSMn1u8BLaRxJOARGFBxS:ZkU2d2JpzNMM4tcXRx9MnUjjGFBxS
Score

7^/10

discovery
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2