22ebd5c2c1904e4ef40ea948c8030cc1ff79a978b57d54badfcf74eb4dad35df | Triage

Sharing

General

Target

0c73c0fb8bcb088a36dad17b20f04fcd_JaffaCakes118
Size

48KB
Sample

240501-wghqwseg82
MD5

0c73c0fb8bcb088a36dad17b20f04fcd
SHA1

3b4a00e16125504e37d7e6089a70405633108ac9
SHA256

22ebd5c2c1904e4ef40ea948c8030cc1ff79a978b57d54badfcf74eb4dad35df
SHA512

e15c6aff93ed8bad9be8c51c4bac95f0d8582ebeb2f3d687af5e2ed49b877fca01844ba350aac32c851a698e72165c905cbf5ffbe53dbfe5337a7c8821e8275e
SSDEEP

768:+ZvuAGxJqFdCnAcZ9BLdlyIBOT8Tu2+TifaIJ43Uk:+NuAGxYncdxQUfVO3U

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  0c73c0fb8bcb088a36dad17b20f04fcd_JaffaCakes118
- Size
  
  48KB
- MD5
  
  0c73c0fb8bcb088a36dad17b20f04fcd
- SHA1
  
  3b4a00e16125504e37d7e6089a70405633108ac9
- SHA256
  
  22ebd5c2c1904e4ef40ea948c8030cc1ff79a978b57d54badfcf74eb4dad35df
- SHA512
  
  e15c6aff93ed8bad9be8c51c4bac95f0d8582ebeb2f3d687af5e2ed49b877fca01844ba350aac32c851a698e72165c905cbf5ffbe53dbfe5337a7c8821e8275e
- SSDEEP
  
  768:+ZvuAGxJqFdCnAcZ9BLdlyIBOT8Tu2+TifaIJ43Uk:+NuAGxYncdxQUfVO3U
Score

8^/10

persistence
- Modifies AppInit DLL entries
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2