b8ede5ca8253f87bf1cde6c1e3ec2c566b7cd12f255c5b1b6ca0acca92771637 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f2bb8bc6fb0e1d956a9d18e83732cd92_JaffaCakes118
Size

124KB
Sample

240416-fhywhahh37
MD5

f2bb8bc6fb0e1d956a9d18e83732cd92
SHA1

0797dcd25ab68b121900813c253c27f8cdf980ac
SHA256

b8ede5ca8253f87bf1cde6c1e3ec2c566b7cd12f255c5b1b6ca0acca92771637
SHA512

a19e7e1c04763a01dfee1b611773659441fa58d7e9301d6c751d9bb361afa88cc49de7040b3f9ecfb866fb79377d0df11227988abf1e1b63bab5c956080f4b5b
SSDEEP

3072:IJ1Auw6CbiPf6cQa80Gh0kQ42Ha7o8WAE5zYUoh:l0ciX6E80+tQptzT

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  f2bb8bc6fb0e1d956a9d18e83732cd92_JaffaCakes118
- Size
  
  124KB
- MD5
  
  f2bb8bc6fb0e1d956a9d18e83732cd92
- SHA1
  
  0797dcd25ab68b121900813c253c27f8cdf980ac
- SHA256
  
  b8ede5ca8253f87bf1cde6c1e3ec2c566b7cd12f255c5b1b6ca0acca92771637
- SHA512
  
  a19e7e1c04763a01dfee1b611773659441fa58d7e9301d6c751d9bb361afa88cc49de7040b3f9ecfb866fb79377d0df11227988abf1e1b63bab5c956080f4b5b
- SSDEEP
  
  3072:IJ1Auw6CbiPf6cQa80Gh0kQ42Ha7o8WAE5zYUoh:l0ciX6E80+tQptzT
Score

8^/10

persistence
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2