b0a852437dcb0b72a33bfa847fa3cfc08cdddd3d05c93f1c3360bf94e5efe57d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

043b3a71217d081dbe9136afafb2f589_JaffaCakes118
Size

773KB
Sample

240620-jzf9kaxcna
MD5

043b3a71217d081dbe9136afafb2f589
SHA1

85d53f414da1c32c33b1230475d360515b4e1584
SHA256

b0a852437dcb0b72a33bfa847fa3cfc08cdddd3d05c93f1c3360bf94e5efe57d
SHA512

665095a3468251385ac1a7ee61e3cf1ef4ad2eca9db55e0a7fb4ad43316c52c1ba4bc1f4d8a7cf9a60004040e8e6fe54a3b1723aa59de8d9e6c07e7631e9de00
SSDEEP

12288:zg+RTynC3XpsTUT2ksyNn1HNi6MhDQs4sBImUCVFD8e7w+8Me0svc0:zggTynYXpsTOMyLtiPksBrViN+8Mqvc0

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  043b3a71217d081dbe9136afafb2f589_JaffaCakes118
- Size
  
  773KB
- MD5
  
  043b3a71217d081dbe9136afafb2f589
- SHA1
  
  85d53f414da1c32c33b1230475d360515b4e1584
- SHA256
  
  b0a852437dcb0b72a33bfa847fa3cfc08cdddd3d05c93f1c3360bf94e5efe57d
- SHA512
  
  665095a3468251385ac1a7ee61e3cf1ef4ad2eca9db55e0a7fb4ad43316c52c1ba4bc1f4d8a7cf9a60004040e8e6fe54a3b1723aa59de8d9e6c07e7631e9de00
- SSDEEP
  
  12288:zg+RTynC3XpsTUT2ksyNn1HNi6MhDQs4sBImUCVFD8e7w+8Me0svc0:zggTynYXpsTOMyLtiPksBrViN+8Mqvc0
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2