8b8faf21684dcab1c11e1ff4324bf00ce23770ef1d7f99ce84924687aa808c78 | Triage

Sharing

General

Target

0b0f1f178073b215c4b0cbfdfa3db015_JaffaCakes118
Size

3.0MB
Sample

240624-2qnamawdlc
MD5

0b0f1f178073b215c4b0cbfdfa3db015
SHA1

265d1bd4b08762dcf01c4c86e8f439f4d8135fdb
SHA256

8b8faf21684dcab1c11e1ff4324bf00ce23770ef1d7f99ce84924687aa808c78
SHA512

13823fadad95b109b207542f0dd938ec233bd0e629452f3ad716d982a2af596d37f6c4b1810e13525d11cf461ed1a4ed6bf0c2aa2e1f2a13eb3b0b79e97747ec
SSDEEP

49152:OZ+JSWjg06cEkgCH0fTb3aNgOdTrU3BsOYURyQec1mIIJDBQBg5kZ86a4GQN+:ObWjXtHc/aNguUxsO6WZIBWm2p8+

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  0b0f1f178073b215c4b0cbfdfa3db015_JaffaCakes118
- Size
  
  3.0MB
- MD5
  
  0b0f1f178073b215c4b0cbfdfa3db015
- SHA1
  
  265d1bd4b08762dcf01c4c86e8f439f4d8135fdb
- SHA256
  
  8b8faf21684dcab1c11e1ff4324bf00ce23770ef1d7f99ce84924687aa808c78
- SHA512
  
  13823fadad95b109b207542f0dd938ec233bd0e629452f3ad716d982a2af596d37f6c4b1810e13525d11cf461ed1a4ed6bf0c2aa2e1f2a13eb3b0b79e97747ec
- SSDEEP
  
  49152:OZ+JSWjg06cEkgCH0fTb3aNgOdTrU3BsOYURyQec1mIIJDBQBg5kZ86a4GQN+:ObWjXtHc/aNguUxsO6WZIBWm2p8+
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2