91d67a685055ea3b78171678cc0730f5ad93eaabe9f950edddd3694d93a0978f | Triage

Submit
Reports

Overview

overview

8

Static

static

1

b4a4b060d0...18.exe

windows7-x64

8

b4a4b060d0...18.exe

windows10-2004-x64

8

Sharing

General

Target

b4a4b060d031ffbae069f04fa1ba732e_JaffaCakes118
Size

17.2MB
Sample

241130-ec8cbavpem
MD5

b4a4b060d031ffbae069f04fa1ba732e
SHA1

e7c5f952c80e56b7029245808675540f80d14172
SHA256

91d67a685055ea3b78171678cc0730f5ad93eaabe9f950edddd3694d93a0978f
SHA512

f60e32869bd50e4a2496bb707a5a3ff59d93946e1a90fd9817f8de49f77a87e751a5bc9392f6cf9b28978575a13ba061f38a0b1345904a1308bf664598ef27a4
SSDEEP

393216:X4IfwrDWSOldcZFVhrxumVKtLu25S0No9oLPXxc:fIrSSO/cPVRRE/wM+8Pxc

Score

8^/10

discovery exploit

Static task

static1

Behavioral task

behavioral1

Sample

b4a4b060d031ffbae069f04fa1ba732e_JaffaCakes118.exe

Resource

win7-20241010-en

discovery exploit

windows7-x64

22 signatures

150 seconds

Behavioral task

behavioral2

Sample

b4a4b060d031ffbae069f04fa1ba732e_JaffaCakes118.exe

Resource

win10v2004-20241007-en

discovery exploit

windows10-2004-x64

23 signatures

150 seconds

Malware Config

Targets

- Target
  
  b4a4b060d031ffbae069f04fa1ba732e_JaffaCakes118
- Size
  
  17.2MB
- MD5
  
  b4a4b060d031ffbae069f04fa1ba732e
- SHA1
  
  e7c5f952c80e56b7029245808675540f80d14172
- SHA256
  
  91d67a685055ea3b78171678cc0730f5ad93eaabe9f950edddd3694d93a0978f
- SHA512
  
  f60e32869bd50e4a2496bb707a5a3ff59d93946e1a90fd9817f8de49f77a87e751a5bc9392f6cf9b28978575a13ba061f38a0b1345904a1308bf664598ef27a4
- SSDEEP
  
  393216:X4IfwrDWSOldcZFVhrxumVKtLu25S0No9oLPXxc:fIrSSO/cPVRRE/wM+8Pxc
Score

8^/10

discovery exploit
- Drops file in Drivers directory
- Possible privilege escalation attempt
  exploit
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexploit

behavioral2

discoveryexploit

© 2018-2024

Terms | Privacy