9a01b74fc4febb370a807951edd21ba8505a2c4104c51d235c4ccaaa840c2278 | Triage

Sharing

General

Target

01f98076f34e3b7c8ed2693ddac8661a_JaffaCakes118.exe
Size

194KB
Sample

240504-xhbjmsab84
MD5

01f98076f34e3b7c8ed2693ddac8661a
SHA1

c1a04b962e0fc820412e3b50a2f70ce37c865f83
SHA256

9a01b74fc4febb370a807951edd21ba8505a2c4104c51d235c4ccaaa840c2278
SHA512

5727b367511833a2731fab5949a18d7a2f058b2ac60eb97c1e597ed563bc32d143472cd435b1123f82c96d49915457abbb76c2e7d88c7488e1df63ab473c3421
SSDEEP

3072:gXM/oHzZTXdSfUNRbCeR0pN03xWlJ7mlOD6pN03:gXPXdSfUNRbCeKpNYxWlJ7mkD6pNY

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  01f98076f34e3b7c8ed2693ddac8661a_JaffaCakes118.exe
- Size
  
  194KB
- MD5
  
  01f98076f34e3b7c8ed2693ddac8661a
- SHA1
  
  c1a04b962e0fc820412e3b50a2f70ce37c865f83
- SHA256
  
  9a01b74fc4febb370a807951edd21ba8505a2c4104c51d235c4ccaaa840c2278
- SHA512
  
  5727b367511833a2731fab5949a18d7a2f058b2ac60eb97c1e597ed563bc32d143472cd435b1123f82c96d49915457abbb76c2e7d88c7488e1df63ab473c3421
- SSDEEP
  
  3072:gXM/oHzZTXdSfUNRbCeR0pN03xWlJ7mlOD6pN03:gXPXdSfUNRbCeKpNYxWlJ7mkD6pNY
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2