bd0458a28558c19734c62826c99159e4fbe1aae183dc36ba52abd060eaff396e | Triage

Sharing

General

Target

42acf2c1ba9a9cd920f8b707c2876d4d_JaffaCakes118
Size

316KB
Sample

241014-rlfd4stbrq
MD5

42acf2c1ba9a9cd920f8b707c2876d4d
SHA1

3d8d52c6a643e6c7b336b5fa8c33343080b33dbb
SHA256

bd0458a28558c19734c62826c99159e4fbe1aae183dc36ba52abd060eaff396e
SHA512

db8e849d0ecba7c606ec08f39bf1596065764d5d84e5743d04ea1cd828222560998b0f21468bde3a77df54105e6abfc0132994c3dd52d07a6ca8a18b443423c4
SSDEEP

6144:prvbUzkuvcBYC47l2xmDZH4xBsprVIvThDm9FdAZ+x99wVP:prkkuveY3zhlV6tmDxzwVP

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  42acf2c1ba9a9cd920f8b707c2876d4d_JaffaCakes118
- Size
  
  316KB
- MD5
  
  42acf2c1ba9a9cd920f8b707c2876d4d
- SHA1
  
  3d8d52c6a643e6c7b336b5fa8c33343080b33dbb
- SHA256
  
  bd0458a28558c19734c62826c99159e4fbe1aae183dc36ba52abd060eaff396e
- SHA512
  
  db8e849d0ecba7c606ec08f39bf1596065764d5d84e5743d04ea1cd828222560998b0f21468bde3a77df54105e6abfc0132994c3dd52d07a6ca8a18b443423c4
- SSDEEP
  
  6144:prvbUzkuvcBYC47l2xmDZH4xBsprVIvThDm9FdAZ+x99wVP:prkkuveY3zhlV6tmDxzwVP
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2