56ebfd03c12ee0d3b529debb8293a8cf1a030f2e690aa28083321d07981e01fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1514ae0c4dcdb0117d9e3e0ccb3cdff7_JaffaCakes118
Size

72KB
Sample

241004-11fg4atbrg
MD5

1514ae0c4dcdb0117d9e3e0ccb3cdff7
SHA1

734e2071efcf122b77c5cdbda9d4174c7a87a5b9
SHA256

56ebfd03c12ee0d3b529debb8293a8cf1a030f2e690aa28083321d07981e01fc
SHA512

d1a29817a1704566ad7c36ea79a56a5f1a9747d6f1abadc7fb9259c0db6e80a0b0af3d8f4d4f002e75725773565226ab2e46732ed527ca10a5166d80a564d284
SSDEEP

384:i6wayA+1mwnA353BXR+oGfP5d/ZBHXME+l93qPAqee/w6yJ/wWD+S83BXR+oGf2J:ipQNwC3BEddsEqOt/hyJF+x3BEJwRrV

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  1514ae0c4dcdb0117d9e3e0ccb3cdff7_JaffaCakes118
- Size
  
  72KB
- MD5
  
  1514ae0c4dcdb0117d9e3e0ccb3cdff7
- SHA1
  
  734e2071efcf122b77c5cdbda9d4174c7a87a5b9
- SHA256
  
  56ebfd03c12ee0d3b529debb8293a8cf1a030f2e690aa28083321d07981e01fc
- SHA512
  
  d1a29817a1704566ad7c36ea79a56a5f1a9747d6f1abadc7fb9259c0db6e80a0b0af3d8f4d4f002e75725773565226ab2e46732ed527ca10a5166d80a564d284
- SSDEEP
  
  384:i6wayA+1mwnA353BXR+oGfP5d/ZBHXME+l93qPAqee/w6yJ/wWD+S83BXR+oGf2J:ipQNwC3BEddsEqOt/hyJF+x3BEJwRrV
Score

10^/10

discovery evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Disables RegEdit via registry modification
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Network Share Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion