3a5de00e0441b0c5af70191836d235e180b7288c9aecbf11bdc8557905e06a21 | Triage

Sharing

General

Target

02c5bc3e15e85b82b69cb54e54d31f39_JaffaCakes118
Size

17KB
Sample

240620-ezvdzaydlb
MD5

02c5bc3e15e85b82b69cb54e54d31f39
SHA1

69b306c2800b85e26be89ca07cc24daa339ce35c
SHA256

3a5de00e0441b0c5af70191836d235e180b7288c9aecbf11bdc8557905e06a21
SHA512

98e92cde69a3cb0ef26b48f29aa4eeabab8f449eb49112395132f49eef002dc7ceeb570b0662f9b44ead233169b316530dc2c5acec550ad7d5a0d7f1ea8f5947
SSDEEP

384:iErt8YuhvA2G+RReDjlFBQKokOhaDen5o2k+P6OXVy2GKvaZJI:M9FIDKv7Genir+iO02jviJI

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  02c5bc3e15e85b82b69cb54e54d31f39_JaffaCakes118
- Size
  
  17KB
- MD5
  
  02c5bc3e15e85b82b69cb54e54d31f39
- SHA1
  
  69b306c2800b85e26be89ca07cc24daa339ce35c
- SHA256
  
  3a5de00e0441b0c5af70191836d235e180b7288c9aecbf11bdc8557905e06a21
- SHA512
  
  98e92cde69a3cb0ef26b48f29aa4eeabab8f449eb49112395132f49eef002dc7ceeb570b0662f9b44ead233169b316530dc2c5acec550ad7d5a0d7f1ea8f5947
- SSDEEP
  
  384:iErt8YuhvA2G+RReDjlFBQKokOhaDen5o2k+P6OXVy2GKvaZJI:M9FIDKv7Genir+iO02jviJI
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2