417ed65afaa6823d7ed7f66a24e820b0182be5738a624198189ed78fc6445513 | Triage

Sharing

General

Target

4b6b1652b90dc007b546f5120897d972_JaffaCakes118.exe
Size

4.1MB
Sample

240504-x41ewsbc83
MD5

4b6b1652b90dc007b546f5120897d972
SHA1

ad1fbf14b75cce2ee98039b4632c1a1c86082268
SHA256

417ed65afaa6823d7ed7f66a24e820b0182be5738a624198189ed78fc6445513
SHA512

1cff1bf9692cf561d6f7694ccc4c7af674731d1961919623acc09724bbc77ffdb3683e44a2160c9f26a85a3830c3338d8fa44d805ee251237f070a0aa442844d
SSDEEP

98304:+R0pI/IQlUoMPdmpSp04ADtnkgvNWlw6aTfN41v:+R0pIAQhMPdm75n9klRKN41v

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  4b6b1652b90dc007b546f5120897d972_JaffaCakes118.exe
- Size
  
  4.1MB
- MD5
  
  4b6b1652b90dc007b546f5120897d972
- SHA1
  
  ad1fbf14b75cce2ee98039b4632c1a1c86082268
- SHA256
  
  417ed65afaa6823d7ed7f66a24e820b0182be5738a624198189ed78fc6445513
- SHA512
  
  1cff1bf9692cf561d6f7694ccc4c7af674731d1961919623acc09724bbc77ffdb3683e44a2160c9f26a85a3830c3338d8fa44d805ee251237f070a0aa442844d
- SSDEEP
  
  98304:+R0pI/IQlUoMPdmpSp04ADtnkgvNWlw6aTfN41v:+R0pIAQhMPdm75n9klRKN41v
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2