e2936e2fb226d662b959ce1b98b364f44daeb040170de5bef9d3788153b5349b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6adb08b07a8d0a04c3a71699b408b9a_JaffaCakes118
Size

14KB
Sample

240417-13l3nagh81
MD5

f6adb08b07a8d0a04c3a71699b408b9a
SHA1

6c83986d8610bb2e2e0c748621968fb192566eda
SHA256

e2936e2fb226d662b959ce1b98b364f44daeb040170de5bef9d3788153b5349b
SHA512

2849dd6b4a91c6cfbd7f5dc1e24cd7fd267d40be2277d82bab61e320302adbd6aa94a8dafff9d030759d4cd1f23fe803a519453751b47782c8d36c7ec51ef222
SSDEEP

384:IWbeMJvcDTyMDYdtuyxSS0UfRC+IboVz2O7PZELKL+8:TnN0zsROEVzpGX8

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  f6adb08b07a8d0a04c3a71699b408b9a_JaffaCakes118
- Size
  
  14KB
- MD5
  
  f6adb08b07a8d0a04c3a71699b408b9a
- SHA1
  
  6c83986d8610bb2e2e0c748621968fb192566eda
- SHA256
  
  e2936e2fb226d662b959ce1b98b364f44daeb040170de5bef9d3788153b5349b
- SHA512
  
  2849dd6b4a91c6cfbd7f5dc1e24cd7fd267d40be2277d82bab61e320302adbd6aa94a8dafff9d030759d4cd1f23fe803a519453751b47782c8d36c7ec51ef222
- SSDEEP
  
  384:IWbeMJvcDTyMDYdtuyxSS0UfRC+IboVz2O7PZELKL+8:TnN0zsROEVzpGX8
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2