674eabb427bfdac0e3b12d7d50cc12f31e1957ecee85a256df3de5d9489b8dad | Triage

Sharing

General

Target

14e9c0131dd8fdfbe46852a8bac37d12_JaffaCakes118
Size

362KB
Sample

240627-gpa9fsyanm
MD5

14e9c0131dd8fdfbe46852a8bac37d12
SHA1

eadfc77e22ddfd27d02ce880cbd890a3bce09ed9
SHA256

674eabb427bfdac0e3b12d7d50cc12f31e1957ecee85a256df3de5d9489b8dad
SHA512

27480cc0c0a235dbbdf7f9e938c737d8e99060cf71fd3babe452e228014ce46a89e6c96a5a855ab9fcd067092959b1c167f8ac0499ee43d63d500864e78f1348
SSDEEP

6144:S1wPysek7FJO3DFSxEH87s/3koB/eFLot2JUNKSfh1/FXqMsPUu:2wq4FJ4FSwt/ko/e43E0Xrop

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  14e9c0131dd8fdfbe46852a8bac37d12_JaffaCakes118
- Size
  
  362KB
- MD5
  
  14e9c0131dd8fdfbe46852a8bac37d12
- SHA1
  
  eadfc77e22ddfd27d02ce880cbd890a3bce09ed9
- SHA256
  
  674eabb427bfdac0e3b12d7d50cc12f31e1957ecee85a256df3de5d9489b8dad
- SHA512
  
  27480cc0c0a235dbbdf7f9e938c737d8e99060cf71fd3babe452e228014ce46a89e6c96a5a855ab9fcd067092959b1c167f8ac0499ee43d63d500864e78f1348
- SSDEEP
  
  6144:S1wPysek7FJO3DFSxEH87s/3koB/eFLot2JUNKSfh1/FXqMsPUu:2wq4FJ4FSwt/ko/e43E0Xrop
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2