d31df77982113954c24c071028790886170f86578f6f1eb1b357958a00a933b6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06e3dc2d1f7091d61fb6f0685bac5590_JaffaCakes118
Size

636KB
Sample

240620-ryzcrawhrq
MD5

06e3dc2d1f7091d61fb6f0685bac5590
SHA1

b1c9fd7dddb9f279cc81aed80d3374b6c5b084bc
SHA256

d31df77982113954c24c071028790886170f86578f6f1eb1b357958a00a933b6
SHA512

c136a4d1cadb0acc5d7547fac2dbb46b9afb911239452bc196c7c44b29398015fefd5a27c8eb578458bad2ef21f9f1602974877d6da9982eb14f859c718d44d2
SSDEEP

12288:hDFIQDcwR1em1fsZXrhDtvnZtD3HRlc1c2obY7HxHDxdrf6ARXv:hJvca1e00ZXFt6ocTxj/6ARXv

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  06e3dc2d1f7091d61fb6f0685bac5590_JaffaCakes118
- Size
  
  636KB
- MD5
  
  06e3dc2d1f7091d61fb6f0685bac5590
- SHA1
  
  b1c9fd7dddb9f279cc81aed80d3374b6c5b084bc
- SHA256
  
  d31df77982113954c24c071028790886170f86578f6f1eb1b357958a00a933b6
- SHA512
  
  c136a4d1cadb0acc5d7547fac2dbb46b9afb911239452bc196c7c44b29398015fefd5a27c8eb578458bad2ef21f9f1602974877d6da9982eb14f859c718d44d2
- SSDEEP
  
  12288:hDFIQDcwR1em1fsZXrhDtvnZtD3HRlc1c2obY7HxHDxdrf6ARXv:hJvca1e00ZXFt6ocTxj/6ARXv
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2