942e2e43f8402b35f0b9b505450341a857ac54d109de78dade5a13fff6627981 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d943142f2fdf43429fb363d9077482a_JaffaCakes118
Size

15KB
Sample

240625-lmmxpasarc
MD5

0d943142f2fdf43429fb363d9077482a
SHA1

187a0771177d6f2f2c4b9be3c27220d899b14efd
SHA256

942e2e43f8402b35f0b9b505450341a857ac54d109de78dade5a13fff6627981
SHA512

3b216f4a84bf7c8acf83f0decb7aa00b481821dccfd2906f649e814258d03a553b1acb9e1392d5e98d9465db89e22d680f84204c248a71844eefcf096ee8f6e8
SSDEEP

384:9N6CdHPvpoxXshuqLtgFXFs6Zx5cvI3BtQ0+B:D6CdHPvpoxchuKoFDx5cYByH

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0d943142f2fdf43429fb363d9077482a_JaffaCakes118
- Size
  
  15KB
- MD5
  
  0d943142f2fdf43429fb363d9077482a
- SHA1
  
  187a0771177d6f2f2c4b9be3c27220d899b14efd
- SHA256
  
  942e2e43f8402b35f0b9b505450341a857ac54d109de78dade5a13fff6627981
- SHA512
  
  3b216f4a84bf7c8acf83f0decb7aa00b481821dccfd2906f649e814258d03a553b1acb9e1392d5e98d9465db89e22d680f84204c248a71844eefcf096ee8f6e8
- SSDEEP
  
  384:9N6CdHPvpoxXshuqLtgFXFs6Zx5cvI3BtQ0+B:D6CdHPvpoxchuKoFDx5cYByH
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2