c2abebbcae6d980593d1d34c5bbe9d5b6b96dd0e10728cd804838d0b47d16264 | Triage

Sharing

General

Target

15ba5522f2cf8e468b54d1fd9b931dfa_JaffaCakes118
Size

303KB
Sample

241005-cfywyatbph
MD5

15ba5522f2cf8e468b54d1fd9b931dfa
SHA1

87275744ccbc1f887d1a62c579c4d888ab452f3d
SHA256

c2abebbcae6d980593d1d34c5bbe9d5b6b96dd0e10728cd804838d0b47d16264
SHA512

59983039ee013330e2de0fa8491cd2fac6356b44c23a3f37560c46f0f8d337f47d8ba9bbcf62e409363dee1d06219998b33225dec0fc97e82e425d96c4a3f5a3
SSDEEP

6144:TrkX6Y0JQBkQRl7174NpNUM+UHs+h43nRLFJO2t3OEhLSMwcU9P4WbXQx7x:TrkX63yRl1uqM+gs+2RLTf+QLShvQx7x

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  15ba5522f2cf8e468b54d1fd9b931dfa_JaffaCakes118
- Size
  
  303KB
- MD5
  
  15ba5522f2cf8e468b54d1fd9b931dfa
- SHA1
  
  87275744ccbc1f887d1a62c579c4d888ab452f3d
- SHA256
  
  c2abebbcae6d980593d1d34c5bbe9d5b6b96dd0e10728cd804838d0b47d16264
- SHA512
  
  59983039ee013330e2de0fa8491cd2fac6356b44c23a3f37560c46f0f8d337f47d8ba9bbcf62e409363dee1d06219998b33225dec0fc97e82e425d96c4a3f5a3
- SSDEEP
  
  6144:TrkX6Y0JQBkQRl7174NpNUM+UHs+h43nRLFJO2t3OEhLSMwcU9P4WbXQx7x:TrkX63yRl1uqM+gs+2RLTf+QLShvQx7x
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2