ae9cf37998d67ffbd305f13296081e26ac15802c27b49890d7d00bfc6752ee85 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dcb8f7cfe95356e12cbfe02d6907ca63_JaffaCakes118.exe
Size

123KB
Sample

240505-lhmq5aea6s
MD5

dcb8f7cfe95356e12cbfe02d6907ca63
SHA1

c1842660e663dfa468515aaaa67cd45bcb7a3f85
SHA256

ae9cf37998d67ffbd305f13296081e26ac15802c27b49890d7d00bfc6752ee85
SHA512

a520a0e78cd27aff57587379be36f0191280655d13b9d56f108f02f4d1db04241df61bbe3d318206dd92cfc418cb62cd604871d4f771410d38e4482c14ffe486
SSDEEP

1536:AAmnS7ALOTVgzGSvkBoXk3bbKpjWwf1JRYSw1mir8CAjXoiDEuGg0opGCR98:AdOTVgKSvogBJRYSa9rR85DEn5k7r8

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  dcb8f7cfe95356e12cbfe02d6907ca63_JaffaCakes118.exe
- Size
  
  123KB
- MD5
  
  dcb8f7cfe95356e12cbfe02d6907ca63
- SHA1
  
  c1842660e663dfa468515aaaa67cd45bcb7a3f85
- SHA256
  
  ae9cf37998d67ffbd305f13296081e26ac15802c27b49890d7d00bfc6752ee85
- SHA512
  
  a520a0e78cd27aff57587379be36f0191280655d13b9d56f108f02f4d1db04241df61bbe3d318206dd92cfc418cb62cd604871d4f771410d38e4482c14ffe486
- SSDEEP
  
  1536:AAmnS7ALOTVgzGSvkBoXk3bbKpjWwf1JRYSw1mir8CAjXoiDEuGg0opGCR98:AdOTVgKSvogBJRYSa9rR85DEn5k7r8
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2