f67652adbe1129cf52cf352847f5134cd44f43afe59d7c3fa6b5f0bedfac29b2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07698a4b9204c1f1d7a890ab2850123f_JaffaCakes118
Size

49KB
Sample

240620-s6mvcsvgjd
MD5

07698a4b9204c1f1d7a890ab2850123f
SHA1

3c563ec0c05738c5817bec0b1d80538339ecf244
SHA256

f67652adbe1129cf52cf352847f5134cd44f43afe59d7c3fa6b5f0bedfac29b2
SHA512

99446d7e518199772ba1e1848835f68294644e1f851a8398b20862c17e9467ec4e518b87dce4252c09e3b7c8972cd8a1a6e3c2ab1d191107c9b1cea6104804f2
SSDEEP

768:s/3YaJPKMdPXUHhe/yDDZ7ebjhcIeYMlN3rrM17+n6G68ZqMH0UFJ:svlJPKM5UHhesZ7wCYwNsljGhYUX

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  07698a4b9204c1f1d7a890ab2850123f_JaffaCakes118
- Size
  
  49KB
- MD5
  
  07698a4b9204c1f1d7a890ab2850123f
- SHA1
  
  3c563ec0c05738c5817bec0b1d80538339ecf244
- SHA256
  
  f67652adbe1129cf52cf352847f5134cd44f43afe59d7c3fa6b5f0bedfac29b2
- SHA512
  
  99446d7e518199772ba1e1848835f68294644e1f851a8398b20862c17e9467ec4e518b87dce4252c09e3b7c8972cd8a1a6e3c2ab1d191107c9b1cea6104804f2
- SSDEEP
  
  768:s/3YaJPKMdPXUHhe/yDDZ7ebjhcIeYMlN3rrM17+n6G68ZqMH0UFJ:svlJPKM5UHhesZ7wCYwNsljGhYUX
Score

8^/10

persistence
- Blocklisted process makes network request
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2