7b6e4ebe021456eb221a69324dd95a2f887fce43335b1be0b884a172e816e4ea | Triage

Sharing

General

Target

e2bcdf47f34da6163a95a41b138c7a01_JaffaCakes118
Size

18KB
Sample

240406-rrfbascc7t
MD5

e2bcdf47f34da6163a95a41b138c7a01
SHA1

803c3c954d65b76f84f32694c91da2b1d782688d
SHA256

7b6e4ebe021456eb221a69324dd95a2f887fce43335b1be0b884a172e816e4ea
SHA512

fb4a73233563005409a97724bc7d2b43f618db7e874599ca0709146b0bf5cefe51b3c7ddb48bfa88d8e852cc4986c2d6ab7a3b5b04cfb7db43460c21f0ba30ec
SSDEEP

384:ql9k1m5L4A9gqUV0zLVyPdGzrerDEsopgX069MIGn3ecQhx5IOJNxaTdHTOW/l:Ck1m5LNyq3zLVe/XFz0qMIG3enbnxaTJ

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  e2bcdf47f34da6163a95a41b138c7a01_JaffaCakes118
- Size
  
  18KB
- MD5
  
  e2bcdf47f34da6163a95a41b138c7a01
- SHA1
  
  803c3c954d65b76f84f32694c91da2b1d782688d
- SHA256
  
  7b6e4ebe021456eb221a69324dd95a2f887fce43335b1be0b884a172e816e4ea
- SHA512
  
  fb4a73233563005409a97724bc7d2b43f618db7e874599ca0709146b0bf5cefe51b3c7ddb48bfa88d8e852cc4986c2d6ab7a3b5b04cfb7db43460c21f0ba30ec
- SSDEEP
  
  384:ql9k1m5L4A9gqUV0zLVyPdGzrerDEsopgX069MIGn3ecQhx5IOJNxaTdHTOW/l:Ck1m5LNyq3zLVe/XFz0qMIG3enbnxaTJ
Score

7^/10

persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2