d1f92cc0ec1f658c66ebeed78a00a1a7a639c7a07bae575b62a22ec13e78ae46 | Triage

Sharing

General

Target

bdf698f665e97cc0b6c617c54f54a5b6_JaffaCakes118.exe
Size

323KB
Sample

240505-ldppxsha93
MD5

bdf698f665e97cc0b6c617c54f54a5b6
SHA1

cd448589622b9357d559f476cc17d6fdcefb2b7c
SHA256

d1f92cc0ec1f658c66ebeed78a00a1a7a639c7a07bae575b62a22ec13e78ae46
SHA512

908c173b21cb664907871821b67f2e5cafcb6784b61adc5a353b97e4e0841a817a1c1ed4b6d995b383f67e8734687522a29b585351bf7296c56a189e0f3c790a
SSDEEP

6144:/eoOqlljd3rKzwN8Jlljd3njPX9ZAk3fs:GojjpKXjtjP9Zt0

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  bdf698f665e97cc0b6c617c54f54a5b6_JaffaCakes118.exe
- Size
  
  323KB
- MD5
  
  bdf698f665e97cc0b6c617c54f54a5b6
- SHA1
  
  cd448589622b9357d559f476cc17d6fdcefb2b7c
- SHA256
  
  d1f92cc0ec1f658c66ebeed78a00a1a7a639c7a07bae575b62a22ec13e78ae46
- SHA512
  
  908c173b21cb664907871821b67f2e5cafcb6784b61adc5a353b97e4e0841a817a1c1ed4b6d995b383f67e8734687522a29b585351bf7296c56a189e0f3c790a
- SSDEEP
  
  6144:/eoOqlljd3rKzwN8Jlljd3njPX9ZAk3fs:GojjpKXjtjP9Zt0
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2