ebea03039b183a5fac62680968d3d69f632dead8779c527ffb4ab9493a7db2e0 | Triage

Sharing

General

Target

f1405c977dd54d0ed283a0feb832c0e7_JaffaCakes118
Size

37KB
Sample

240415-rjmqeagc98
MD5

f1405c977dd54d0ed283a0feb832c0e7
SHA1

58d682550e8accfb5d2da1618829ee042775c583
SHA256

ebea03039b183a5fac62680968d3d69f632dead8779c527ffb4ab9493a7db2e0
SHA512

9cb5cc2c819873fae69d055971826a1fa1e335a8d2742199170bd1d71128a5ad14078a58372b9c33e41a8845e3d6852900685d513276a0df7635dea176b84087
SSDEEP

768:38XScD1GgWStNQJVlwsT9WTqoc3a8qJzNA:sSm1GgNoCKWokRA

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  f1405c977dd54d0ed283a0feb832c0e7_JaffaCakes118
- Size
  
  37KB
- MD5
  
  f1405c977dd54d0ed283a0feb832c0e7
- SHA1
  
  58d682550e8accfb5d2da1618829ee042775c583
- SHA256
  
  ebea03039b183a5fac62680968d3d69f632dead8779c527ffb4ab9493a7db2e0
- SHA512
  
  9cb5cc2c819873fae69d055971826a1fa1e335a8d2742199170bd1d71128a5ad14078a58372b9c33e41a8845e3d6852900685d513276a0df7635dea176b84087
- SSDEEP
  
  768:38XScD1GgWStNQJVlwsT9WTqoc3a8qJzNA:sSm1GgNoCKWokRA
Score

7^/10

persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2