63ed2da6e437abcb9a196b3a88ca4bc9150688d894b382bc1776e9d4c048a63b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

029b4bfb478959ffeefe0ea8e3cb5730_JaffaCakes118
Size

33KB
Sample

240620-ehz8wssapl
MD5

029b4bfb478959ffeefe0ea8e3cb5730
SHA1

1afa37558e5514426cb7aab25bedcdae80db3e7a
SHA256

63ed2da6e437abcb9a196b3a88ca4bc9150688d894b382bc1776e9d4c048a63b
SHA512

731b2417dfd13e0496bd75a0d276df658f6348d63b285e6d3e089efca2c97d00598654ede551f07d9e6b7253701e7b9fa771499103a4ba32fb277bea2546d7b2
SSDEEP

768:re4TH/zy0W5defiInLF5a/nAC+JLyrUUk/+:64fzyD5aiIZ5a/ACCCFV

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  029b4bfb478959ffeefe0ea8e3cb5730_JaffaCakes118
- Size
  
  33KB
- MD5
  
  029b4bfb478959ffeefe0ea8e3cb5730
- SHA1
  
  1afa37558e5514426cb7aab25bedcdae80db3e7a
- SHA256
  
  63ed2da6e437abcb9a196b3a88ca4bc9150688d894b382bc1776e9d4c048a63b
- SHA512
  
  731b2417dfd13e0496bd75a0d276df658f6348d63b285e6d3e089efca2c97d00598654ede551f07d9e6b7253701e7b9fa771499103a4ba32fb277bea2546d7b2
- SSDEEP
  
  768:re4TH/zy0W5defiInLF5a/nAC+JLyrUUk/+:64fzyD5aiIZ5a/ACCCFV
Score

7^/10

persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2