16a05d5f7229b1357201fe0058c7c37d2c9dc44d43ed83454ba5f445ca153dec | Triage

Sharing

General

Target

f0b03aaee68bcca5a24557329f085635_JaffaCakes118
Size

78KB
Sample

240415-kqawvsaf24
MD5

f0b03aaee68bcca5a24557329f085635
SHA1

805a8ef296dd2afb6f6e9ba83fc4be66f8725926
SHA256

16a05d5f7229b1357201fe0058c7c37d2c9dc44d43ed83454ba5f445ca153dec
SHA512

2375f959e7dad386e6a0e63460344cd6debd645c6c9886dde9e8bd534cf59b2a728a517c8fac06ddfb1437231cd0605d69ba0de9787f3c0456595d67e41fa920
SSDEEP

1536:06j+c2C7ZdUeZvziG9/vFD2q5YvCwS0gxtvIo9ZHiv:0637ZdVZ79952qOCwSjBImHiv

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  f0b03aaee68bcca5a24557329f085635_JaffaCakes118
- Size
  
  78KB
- MD5
  
  f0b03aaee68bcca5a24557329f085635
- SHA1
  
  805a8ef296dd2afb6f6e9ba83fc4be66f8725926
- SHA256
  
  16a05d5f7229b1357201fe0058c7c37d2c9dc44d43ed83454ba5f445ca153dec
- SHA512
  
  2375f959e7dad386e6a0e63460344cd6debd645c6c9886dde9e8bd534cf59b2a728a517c8fac06ddfb1437231cd0605d69ba0de9787f3c0456595d67e41fa920
- SSDEEP
  
  1536:06j+c2C7ZdUeZvziG9/vFD2q5YvCwS0gxtvIo9ZHiv:0637ZdVZ79952qOCwSjBImHiv
Score

8^/10

persistence
- Sets DLL path for service in the registry
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2