f5243cb0b163d0b08cd8f23c1ecca4515214b6b153966cf28ed64f89beea6800 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

JaffaCakes118_1e62e944e71bf706d4feb8249dfb9c20
Size

300KB
Sample

250706-f8dcgsar2w
MD5

1e62e944e71bf706d4feb8249dfb9c20
SHA1

2e9e2d513ac067dedf0c50907863c6b731a797cd
SHA256

f5243cb0b163d0b08cd8f23c1ecca4515214b6b153966cf28ed64f89beea6800
SHA512

b6ee61f256095ff11c075cad2ce1c8d8c1b51bcd762f1340bb16aea3966cf7d8f7ed711cecc53d99df37fd4c3eecda580dac0d34dd28a8fdec5d804da34334f5
SSDEEP

6144:Wrka9uEo2S1YnQmCX492DkwNP3qpYF1aZpbdnMne3SLFjpjhGdO503+rhc9:WrkCu6/eIo4Zf5nMmOjVG+u

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  JaffaCakes118_1e62e944e71bf706d4feb8249dfb9c20
- Size
  
  300KB
- MD5
  
  1e62e944e71bf706d4feb8249dfb9c20
- SHA1
  
  2e9e2d513ac067dedf0c50907863c6b731a797cd
- SHA256
  
  f5243cb0b163d0b08cd8f23c1ecca4515214b6b153966cf28ed64f89beea6800
- SHA512
  
  b6ee61f256095ff11c075cad2ce1c8d8c1b51bcd762f1340bb16aea3966cf7d8f7ed711cecc53d99df37fd4c3eecda580dac0d34dd28a8fdec5d804da34334f5
- SSDEEP
  
  6144:Wrka9uEo2S1YnQmCX492DkwNP3qpYF1aZpbdnMne3SLFjpjhGdO503+rhc9:WrkCu6/eIo4Zf5nMmOjVG+u
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1