c3559d53ac6d9647e6d47599629dd7f416f0f8c52458512d43c047cb47687522 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a4f8699ad0a0f894cc5ed3bc01bd41b_JaffaCakes118
Size

318KB
Sample

241002-mz476ssclk
MD5

0a4f8699ad0a0f894cc5ed3bc01bd41b
SHA1

6d22f8dc2ce90c14be46744b0ac55a01be4af4a7
SHA256

c3559d53ac6d9647e6d47599629dd7f416f0f8c52458512d43c047cb47687522
SHA512

e00a3e652cc9e0a2283a695df6b663487e4113079344761ef759ffffe739b8420246c0463d32efb3d9c26076aed6c313880523ec1024f141c8327f36b9b999a5
SSDEEP

6144:Nr4S6Y0JQBkQRl7174NpNUM+UHs+iBQ8+D07NHSavn+gQ5C9x5CsJ:Nr4S63yRl1uqM+gs+iOVAIwnHokKe

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0a4f8699ad0a0f894cc5ed3bc01bd41b_JaffaCakes118
- Size
  
  318KB
- MD5
  
  0a4f8699ad0a0f894cc5ed3bc01bd41b
- SHA1
  
  6d22f8dc2ce90c14be46744b0ac55a01be4af4a7
- SHA256
  
  c3559d53ac6d9647e6d47599629dd7f416f0f8c52458512d43c047cb47687522
- SHA512
  
  e00a3e652cc9e0a2283a695df6b663487e4113079344761ef759ffffe739b8420246c0463d32efb3d9c26076aed6c313880523ec1024f141c8327f36b9b999a5
- SSDEEP
  
  6144:Nr4S6Y0JQBkQRl7174NpNUM+UHs+iBQ8+D07NHSavn+gQ5C9x5CsJ:Nr4S63yRl1uqM+gs+iOVAIwnHokKe
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2