a0f8e9d693aa2dfff1fdc37eeda65df50a3d3c6ccaa04e2ef302edc9556c9035 | Triage

Sharing

General

Target

184fb955ac9874ef18852385893eab23_JaffaCakes118
Size

55KB
Sample

240628-bzmgkstfmd
MD5

184fb955ac9874ef18852385893eab23
SHA1

78d16255cbce4877561c10ae5de24e447012d1dd
SHA256

a0f8e9d693aa2dfff1fdc37eeda65df50a3d3c6ccaa04e2ef302edc9556c9035
SHA512

dad0efdc8461884487728e2c947a1d47265241029a9b1882db7e4922b303a799695acf07f15a16aca1e171f3fadced910b58c79a7057cb1cf20e3b32474ded14
SSDEEP

1536:lCj53rNh7ftpvp4L7DAHOYAGYXcpFH6zvB1tpsS3lZ:Q3rNh7VJ+LsOfGNH6L

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  184fb955ac9874ef18852385893eab23_JaffaCakes118
- Size
  
  55KB
- MD5
  
  184fb955ac9874ef18852385893eab23
- SHA1
  
  78d16255cbce4877561c10ae5de24e447012d1dd
- SHA256
  
  a0f8e9d693aa2dfff1fdc37eeda65df50a3d3c6ccaa04e2ef302edc9556c9035
- SHA512
  
  dad0efdc8461884487728e2c947a1d47265241029a9b1882db7e4922b303a799695acf07f15a16aca1e171f3fadced910b58c79a7057cb1cf20e3b32474ded14
- SSDEEP
  
  1536:lCj53rNh7ftpvp4L7DAHOYAGYXcpFH6zvB1tpsS3lZ:Q3rNh7VJ+LsOfGNH6L
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2