ab5929e35b147546980ea387ffdc85fb20635e9af88a649b1f1309a0e96cd2e7 | Triage

Sharing

General

Target

2f79996cab5982a632697ce8fc9440fb_JaffaCakes118
Size

303KB
Sample

241009-mhvbmstgmh
MD5

2f79996cab5982a632697ce8fc9440fb
SHA1

ec0d717dd7498a5f84358f81593d562947e29269
SHA256

ab5929e35b147546980ea387ffdc85fb20635e9af88a649b1f1309a0e96cd2e7
SHA512

4c71e1debd65edf0edfa961423585575af25b47a8399e7f1d2549ea905f7261a5f80961908068a7142bc2e48fa5c3479a3425df944701dfa094ca6f77c871246
SSDEEP

6144:0rkX6Y0JQBkQRl7174NpNUM+UHs+h43nRLFJO2t3OEhLSMwcU9P4WbXQx7i:0rkX63yRl1uqM+gs+2RLTf+QLShvQx7i

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2f79996cab5982a632697ce8fc9440fb_JaffaCakes118
- Size
  
  303KB
- MD5
  
  2f79996cab5982a632697ce8fc9440fb
- SHA1
  
  ec0d717dd7498a5f84358f81593d562947e29269
- SHA256
  
  ab5929e35b147546980ea387ffdc85fb20635e9af88a649b1f1309a0e96cd2e7
- SHA512
  
  4c71e1debd65edf0edfa961423585575af25b47a8399e7f1d2549ea905f7261a5f80961908068a7142bc2e48fa5c3479a3425df944701dfa094ca6f77c871246
- SSDEEP
  
  6144:0rkX6Y0JQBkQRl7174NpNUM+UHs+h43nRLFJO2t3OEhLSMwcU9P4WbXQx7i:0rkX63yRl1uqM+gs+2RLTf+QLShvQx7i
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2