1446606c798b835ef6e3b3084e0b839fe4432c2f225987893357571492c8d8fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0981ed842832bca9aafe6f587f03accf_JaffaCakes118
Size

634KB
Sample

240624-tmfgls1cna
MD5

0981ed842832bca9aafe6f587f03accf
SHA1

7be380a1e1649139246ee5cd12a977c72152563e
SHA256

1446606c798b835ef6e3b3084e0b839fe4432c2f225987893357571492c8d8fa
SHA512

8cd1cb34a04d2af2e974bba689f76e7f5451bb7ba21cdbbe2c41dc307d6b9ee7d26c28190ec399231fe19e36838da0c4cc49a18562d2968facc67758f88338e7
SSDEEP

12288:LHVYSFfcIaSUn/+y7Gr2uxCDbDMR5b6F3Z4mxxUDfLgYQ6bcz84QbI3E:LHR5cIk/RtJrMbeQmXUDftBc84SUE

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  0981ed842832bca9aafe6f587f03accf_JaffaCakes118
- Size
  
  634KB
- MD5
  
  0981ed842832bca9aafe6f587f03accf
- SHA1
  
  7be380a1e1649139246ee5cd12a977c72152563e
- SHA256
  
  1446606c798b835ef6e3b3084e0b839fe4432c2f225987893357571492c8d8fa
- SHA512
  
  8cd1cb34a04d2af2e974bba689f76e7f5451bb7ba21cdbbe2c41dc307d6b9ee7d26c28190ec399231fe19e36838da0c4cc49a18562d2968facc67758f88338e7
- SSDEEP
  
  12288:LHVYSFfcIaSUn/+y7Gr2uxCDbDMR5b6F3Z4mxxUDfLgYQ6bcz84QbI3E:LHR5cIk/RtJrMbeQmXUDftBc84SUE
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2