9fe84fba88bf9b349c23053c8369b4a7ae1824d1d36f86710ed434f1fd993aca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5dee32ef97e0c31b10f564d9d8bc8247_JaffaCakes118.exe
Size

89KB
Sample

240505-k5ajmsge73
MD5

5dee32ef97e0c31b10f564d9d8bc8247
SHA1

a72e8c889573968a2092787bd53f84465c66eaba
SHA256

9fe84fba88bf9b349c23053c8369b4a7ae1824d1d36f86710ed434f1fd993aca
SHA512

7a04877e645ff84b666ef8716ebcf0cf155b4d7f5425134d826c65364cd4c0e6cbb4965db3a98c7ee14937c29aad5420af306d0b622c65d8f80e3f9aa1f9b27e
SSDEEP

1536:rHKaamkGv4DkIDDvez5n7baa5ZTeavQ4BEigDhm3jcJUlxUcFlExkg8Fk:rH9JkGv4Fmz5qPav9BEigDoMUWcFlaky

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  5dee32ef97e0c31b10f564d9d8bc8247_JaffaCakes118.exe
- Size
  
  89KB
- MD5
  
  5dee32ef97e0c31b10f564d9d8bc8247
- SHA1
  
  a72e8c889573968a2092787bd53f84465c66eaba
- SHA256
  
  9fe84fba88bf9b349c23053c8369b4a7ae1824d1d36f86710ed434f1fd993aca
- SHA512
  
  7a04877e645ff84b666ef8716ebcf0cf155b4d7f5425134d826c65364cd4c0e6cbb4965db3a98c7ee14937c29aad5420af306d0b622c65d8f80e3f9aa1f9b27e
- SSDEEP
  
  1536:rHKaamkGv4DkIDDvez5n7baa5ZTeavQ4BEigDhm3jcJUlxUcFlExkg8Fk:rH9JkGv4Fmz5qPav9BEigDoMUWcFlaky
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2