bad5a03e845196214d20c84c060a0d6170791d69ac06e28455c19fdd5e996c89 | Triage

Sharing

General

Target

168193b4ab0ad540f47311e8308854f8_JaffaCakes118
Size

303KB
Sample

241005-g4m7kathlb
MD5

168193b4ab0ad540f47311e8308854f8
SHA1

ec5b4df162a33834a22555c54337f9828e462d79
SHA256

bad5a03e845196214d20c84c060a0d6170791d69ac06e28455c19fdd5e996c89
SHA512

d55b16b365d204ad518c1f3a558675d8010eb7585fdb000b1845823c0deb3e2a90c69a4b863c4c9684ae064400d7fe7ed64d9f8a5a01262395e785fcb0d74546
SSDEEP

6144:8rkX6Y0JQBkQRl7174NpNUM+UHs+h43nRLFJO2t3OEhLSMwcU9P4WbXQx70:8rkX63yRl1uqM+gs+2RLTf+QLShvQx70

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  168193b4ab0ad540f47311e8308854f8_JaffaCakes118
- Size
  
  303KB
- MD5
  
  168193b4ab0ad540f47311e8308854f8
- SHA1
  
  ec5b4df162a33834a22555c54337f9828e462d79
- SHA256
  
  bad5a03e845196214d20c84c060a0d6170791d69ac06e28455c19fdd5e996c89
- SHA512
  
  d55b16b365d204ad518c1f3a558675d8010eb7585fdb000b1845823c0deb3e2a90c69a4b863c4c9684ae064400d7fe7ed64d9f8a5a01262395e785fcb0d74546
- SSDEEP
  
  6144:8rkX6Y0JQBkQRl7174NpNUM+UHs+h43nRLFJO2t3OEhLSMwcU9P4WbXQx70:8rkX63yRl1uqM+gs+2RLTf+QLShvQx70
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2