8513aedd7c5c5cfae622f6b397a384af0eedd6eee0113d7f6785d82d48d037e8 | Triage

Sharing

General

Target

0d2dd61248b33910415d268bdc163481_JaffaCakes118
Size

99KB
Sample

240625-h45maawdqh
MD5

0d2dd61248b33910415d268bdc163481
SHA1

ec2d262d67fa3e4a86e76d696e700c3df3378528
SHA256

8513aedd7c5c5cfae622f6b397a384af0eedd6eee0113d7f6785d82d48d037e8
SHA512

ede41598e0332df73c29b67f86d9d202f1428dafa5ceb2b2a422d9cb94bc6b2480f880b5e9fa03fc48aabbf9e61906b059c173bfada86bb59cbc37fad2a63e08
SSDEEP

1536:FLGS5u0MDH+2ENm150Aa/B5WUbeVt8Yqt/6jch62MsGW2qkHKJcT5alOtdxtL2eG:dG2u0L/N3/cVt8NYbsPmvT5alqxtLI

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  0d2dd61248b33910415d268bdc163481_JaffaCakes118
- Size
  
  99KB
- MD5
  
  0d2dd61248b33910415d268bdc163481
- SHA1
  
  ec2d262d67fa3e4a86e76d696e700c3df3378528
- SHA256
  
  8513aedd7c5c5cfae622f6b397a384af0eedd6eee0113d7f6785d82d48d037e8
- SHA512
  
  ede41598e0332df73c29b67f86d9d202f1428dafa5ceb2b2a422d9cb94bc6b2480f880b5e9fa03fc48aabbf9e61906b059c173bfada86bb59cbc37fad2a63e08
- SSDEEP
  
  1536:FLGS5u0MDH+2ENm150Aa/B5WUbeVt8Yqt/6jch62MsGW2qkHKJcT5alOtdxtL2eG:dG2u0L/N3/cVt8NYbsPmvT5alqxtLI
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2