bf28d92b198c3767c1c63547cb3ef25cbf5a43ef9c7799b462ac62f202a51645 | Triage

Sharing

General

Target

42f5dcb8687f1b10fef5536081e4ba1d_JaffaCakes118
Size

304KB
Sample

241014-tbt6maxapk
MD5

42f5dcb8687f1b10fef5536081e4ba1d
SHA1

61128e9662148fdf40b9d3eb71622c6862aa8993
SHA256

bf28d92b198c3767c1c63547cb3ef25cbf5a43ef9c7799b462ac62f202a51645
SHA512

41aaaac339f7fdb579bb8dbebf839e721ef8a1721d817d15760838c8a9675b9f8607fd7ec7661dc1b82392bbbf2db8601cc460ba042348b7cd8e0cf9627ac9a2
SSDEEP

6144:3rkX6Y0JQBkQRl7174NpNUM+UHs+h43nRLFJO2t3OEhLSMwcU9P4WbXQx7i:3rkX63yRl1uqM+gs+2RLTf+QLShvQx7i

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  42f5dcb8687f1b10fef5536081e4ba1d_JaffaCakes118
- Size
  
  304KB
- MD5
  
  42f5dcb8687f1b10fef5536081e4ba1d
- SHA1
  
  61128e9662148fdf40b9d3eb71622c6862aa8993
- SHA256
  
  bf28d92b198c3767c1c63547cb3ef25cbf5a43ef9c7799b462ac62f202a51645
- SHA512
  
  41aaaac339f7fdb579bb8dbebf839e721ef8a1721d817d15760838c8a9675b9f8607fd7ec7661dc1b82392bbbf2db8601cc460ba042348b7cd8e0cf9627ac9a2
- SSDEEP
  
  6144:3rkX6Y0JQBkQRl7174NpNUM+UHs+h43nRLFJO2t3OEhLSMwcU9P4WbXQx7i:3rkX63yRl1uqM+gs+2RLTf+QLShvQx7i
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2