ed27bbe0f30e92a972def514aa432b2b78e06467479f8ad0b826b021d8ded48a | Triage

Sharing

General

Target

f9f5ed79eb3c639293d2594baee9c51c_JaffaCakes118
Size

90KB
Sample

240419-kx8fpsdc86
MD5

f9f5ed79eb3c639293d2594baee9c51c
SHA1

1d8e10db6d63393295164ddce847aca0ad9b3f93
SHA256

ed27bbe0f30e92a972def514aa432b2b78e06467479f8ad0b826b021d8ded48a
SHA512

879009f0f4565e404025aa003a51fa330d2ae521b6f0a7bc6c1690bdcaec330ef0422679d863ce31c0c80d35040f4c0acac0fa11e8d85996c7c73669147d5cdc
SSDEEP

1536:0y+yGpwKkA2XD+FyJ35+j/EmkLPaufu5O12WotI5BV0Cz:0kTN6FIgj/ErCufcWoan

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  f9f5ed79eb3c639293d2594baee9c51c_JaffaCakes118
- Size
  
  90KB
- MD5
  
  f9f5ed79eb3c639293d2594baee9c51c
- SHA1
  
  1d8e10db6d63393295164ddce847aca0ad9b3f93
- SHA256
  
  ed27bbe0f30e92a972def514aa432b2b78e06467479f8ad0b826b021d8ded48a
- SHA512
  
  879009f0f4565e404025aa003a51fa330d2ae521b6f0a7bc6c1690bdcaec330ef0422679d863ce31c0c80d35040f4c0acac0fa11e8d85996c7c73669147d5cdc
- SSDEEP
  
  1536:0y+yGpwKkA2XD+FyJ35+j/EmkLPaufu5O12WotI5BV0Cz:0kTN6FIgj/ErCufcWoan
Score

8^/10

persistence
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2