246a0fec1e0c201fd407a74231a70ce7f5345ab376029db4e79bea4ba27acd46 | Triage

Sharing

General

Target

643838ba751d4e848a9a47d2a9323f43_JaffaCakes118
Size

1.3MB
Sample

240521-wh2kdsdd65
MD5

643838ba751d4e848a9a47d2a9323f43
SHA1

32e6b182612218a57b273dd3849cc3f4b2969d13
SHA256

246a0fec1e0c201fd407a74231a70ce7f5345ab376029db4e79bea4ba27acd46
SHA512

733d93b7f977be355c0ab6d1b86aa733e54d45d2dad15afef6414f7e195e617ced1b142f323dd6e27247a82801d54b5ccec1907e4827afba3610de6dcbc60f97
SSDEEP

24576:L8YPVCgo/0VX7GMvN3P0K8lGz9fRM6bMa52xFnCeJsR+FpYmI/mltL:L8kVd7GgN3Pj2Gz9FnwRacFfIOf

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  2.exe
- Size
  
  1.9MB
- MD5
  
  211d67cb160ae80cd5b8f51e768ecf03
- SHA1
  
  7bc311419bbd63b5d9f11e31676b23916dd92a73
- SHA256
  
  d9a91d7519b16a30328c22ad2be0b6c31a0c169fd8333567c389f66057d95902
- SHA512
  
  42e800ab0285507d1329df885de52398511ae8a73e8b90eac0590eddccebd5335375e6e409e1541459ebf2bd9751bf8f1327790fc7a764f2ac2c5957212b4cbb
- SSDEEP
  
  24576:PFOatRpLVFPbthieraHDowhhk70Trcfdq+rw24kM1p2yvCVlnU9zJkGIAYhbljgK:txRpL/bC/9jkQTAfdWVLCVyKn2K1
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence