09dc1955251d0bad9904f34f4c35b5550faa6af16c783bb39c8987dcf1f6df71 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ccf6b3fbded70c49cb1ecf715613d45_JaffaCakes118
Size

48KB
Sample

240625-f8rvwawdmm
MD5

0ccf6b3fbded70c49cb1ecf715613d45
SHA1

37be00c002846c048ad72919a89b49093a4b94c4
SHA256

09dc1955251d0bad9904f34f4c35b5550faa6af16c783bb39c8987dcf1f6df71
SHA512

e7feb81bbfdcdec1c398ba0dcdb52f9a2b2c042433ae5f158d0175045f9551397e6486ebfdef23341970f3e6c7617df37661307e2df7da8dff37e77199e44e71
SSDEEP

768:P+Wms1FBYg5hB+PRqF1HRdDRoV0sptvUeYiVyDyqRNzGZGBZYeGlqn4Lgq:WWmsV5hEgRdD+Vzeed01Glqn4Eq

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  0ccf6b3fbded70c49cb1ecf715613d45_JaffaCakes118
- Size
  
  48KB
- MD5
  
  0ccf6b3fbded70c49cb1ecf715613d45
- SHA1
  
  37be00c002846c048ad72919a89b49093a4b94c4
- SHA256
  
  09dc1955251d0bad9904f34f4c35b5550faa6af16c783bb39c8987dcf1f6df71
- SHA512
  
  e7feb81bbfdcdec1c398ba0dcdb52f9a2b2c042433ae5f158d0175045f9551397e6486ebfdef23341970f3e6c7617df37661307e2df7da8dff37e77199e44e71
- SSDEEP
  
  768:P+Wms1FBYg5hB+PRqF1HRdDRoV0sptvUeYiVyDyqRNzGZGBZYeGlqn4Lgq:WWmsV5hEgRdD+Vzeed01Glqn4Eq
Score

8^/10

persistence
- Drops file in Drivers directory
- Event Triggered Execution: Image File Execution Options Injection
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Image File Execution Options Injection

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Image File Execution Options Injection

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2