ccabffdd4bf425868896cc1db74281920b722f7ba0107c767fdbe265d8fa90da | Triage

Sharing

General

Target

ec7895ff1c76d9878eb83a1f5f293183_JaffaCakes118
Size

463KB
Sample

240411-csheqahg56
MD5

ec7895ff1c76d9878eb83a1f5f293183
SHA1

323cac16e31927d2dd60fcf44664a91f717ddb6b
SHA256

ccabffdd4bf425868896cc1db74281920b722f7ba0107c767fdbe265d8fa90da
SHA512

99a2bb3ad9cd27fb6ba4f11f30bca2dd7617f939f22ff82cfe93a7ed1e791a3108ec81c6eb1183f91882a2041c2b1b3e38530b96aa4a42af7d8bec4db07d71c3
SSDEEP

12288:jilc87eqqV5e+wBV6O+pAsRdcHzDkEca/Y:jiSqqHeVBxhsRdecEf/Y

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  ec7895ff1c76d9878eb83a1f5f293183_JaffaCakes118
- Size
  
  463KB
- MD5
  
  ec7895ff1c76d9878eb83a1f5f293183
- SHA1
  
  323cac16e31927d2dd60fcf44664a91f717ddb6b
- SHA256
  
  ccabffdd4bf425868896cc1db74281920b722f7ba0107c767fdbe265d8fa90da
- SHA512
  
  99a2bb3ad9cd27fb6ba4f11f30bca2dd7617f939f22ff82cfe93a7ed1e791a3108ec81c6eb1183f91882a2041c2b1b3e38530b96aa4a42af7d8bec4db07d71c3
- SSDEEP
  
  12288:jilc87eqqV5e+wBV6O+pAsRdcHzDkEca/Y:jiSqqHeVBxhsRdecEf/Y
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2