8e9f4c6251508727180d21e1d64d0b7a696b21488cf54b46e1d9c7b32e464c5d | Triage

Sharing

General

Target

f75512b37469cc341820acaf93821ce4_JaffaCakes118.exe
Size

538KB
Sample

240504-w5swrsef91
MD5

f75512b37469cc341820acaf93821ce4
SHA1

2852c6889718fbc5b60c49869d2c0aa284a80741
SHA256

8e9f4c6251508727180d21e1d64d0b7a696b21488cf54b46e1d9c7b32e464c5d
SHA512

4b8ccb04d822951ba72d85a31357a6cde1e7ca7a65b2569306a6d99da213e024140afc3a99efa4f9374c5e3d5d8b2c7d92deeeccbe4f7c1df8e18f9c4008ef9f
SSDEEP

12288:wlbg+41gL5pRTcAkS/3hzN8qE43fm78VE:Wbg+N5jcAkSYqyEE

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  f75512b37469cc341820acaf93821ce4_JaffaCakes118.exe
- Size
  
  538KB
- MD5
  
  f75512b37469cc341820acaf93821ce4
- SHA1
  
  2852c6889718fbc5b60c49869d2c0aa284a80741
- SHA256
  
  8e9f4c6251508727180d21e1d64d0b7a696b21488cf54b46e1d9c7b32e464c5d
- SHA512
  
  4b8ccb04d822951ba72d85a31357a6cde1e7ca7a65b2569306a6d99da213e024140afc3a99efa4f9374c5e3d5d8b2c7d92deeeccbe4f7c1df8e18f9c4008ef9f
- SSDEEP
  
  12288:wlbg+41gL5pRTcAkS/3hzN8qE43fm78VE:Wbg+N5jcAkSYqyEE
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2