f5944eed723550d48fda0da374f2b1da7d45bde536f6f3d7b07af3643aba8498 | Triage

Sharing

General

Target

08790680aeeb19006446205ed9c41427_JaffaCakes118
Size

154KB
Sample

240620-wnbadsvbnn
MD5

08790680aeeb19006446205ed9c41427
SHA1

abc18dfcdc28f97df3f4c9083d054a162c23bc27
SHA256

f5944eed723550d48fda0da374f2b1da7d45bde536f6f3d7b07af3643aba8498
SHA512

5b0ea7b73bb35d495bb0d947e6acd4d6276b3d259e540fface9d5e2dcbe3146af283c654f5b79dab75cf841aa1712d8d5677e2d2d903feac3c67e0e73041e363
SSDEEP

3072:YE06GPlGqWj9IBdmnyt9YEqFHb5RwK/3Yq63+sYHP:YE0/49IrHc5Rw+g

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  08790680aeeb19006446205ed9c41427_JaffaCakes118
- Size
  
  154KB
- MD5
  
  08790680aeeb19006446205ed9c41427
- SHA1
  
  abc18dfcdc28f97df3f4c9083d054a162c23bc27
- SHA256
  
  f5944eed723550d48fda0da374f2b1da7d45bde536f6f3d7b07af3643aba8498
- SHA512
  
  5b0ea7b73bb35d495bb0d947e6acd4d6276b3d259e540fface9d5e2dcbe3146af283c654f5b79dab75cf841aa1712d8d5677e2d2d903feac3c67e0e73041e363
- SSDEEP
  
  3072:YE06GPlGqWj9IBdmnyt9YEqFHb5RwK/3Yq63+sYHP:YE0/49IrHc5Rw+g
Score

7^/10

persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2