07b909bbb75355828bfde549796f82d045e455ab14aa87f9bbba6673b4aef475 | Triage

Sharing

General

Target

de280e1f9995b792479868d26a33d0a1_JaffaCakes118.exe
Size

64KB
Sample

240504-yvnkeacg32
MD5

de280e1f9995b792479868d26a33d0a1
SHA1

cb93ca91aa90c136e690db2f6e88401be1fd99f2
SHA256

07b909bbb75355828bfde549796f82d045e455ab14aa87f9bbba6673b4aef475
SHA512

b2d276a43e4ebdda45aeea01ea4a4c896dc6857822700d32426d305610b7df2d366d5ccc26cba450c00d6828b8181d7afa94f4a2de8776fa76a7fc0f954d0ceb
SSDEEP

1536:gQrxTngjBkjrqOXRMi7yPBqG5TII2LMsBMu/H1:gQrxTngtkjrqOXqi7yZx5TIZMaN

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  de280e1f9995b792479868d26a33d0a1_JaffaCakes118.exe
- Size
  
  64KB
- MD5
  
  de280e1f9995b792479868d26a33d0a1
- SHA1
  
  cb93ca91aa90c136e690db2f6e88401be1fd99f2
- SHA256
  
  07b909bbb75355828bfde549796f82d045e455ab14aa87f9bbba6673b4aef475
- SHA512
  
  b2d276a43e4ebdda45aeea01ea4a4c896dc6857822700d32426d305610b7df2d366d5ccc26cba450c00d6828b8181d7afa94f4a2de8776fa76a7fc0f954d0ceb
- SSDEEP
  
  1536:gQrxTngjBkjrqOXRMi7yPBqG5TII2LMsBMu/H1:gQrxTngtkjrqOXqi7yZx5TIZMaN
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2