49ee0d06e386bb80d0abba402a0fa0f3fadda59ce454371f0e2c5649385c5a21 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

189ef58033a37aeb290dbc94bf4dfb19_JaffaCakes118
Size

66KB
Sample

240628-d2dcssyfnb
MD5

189ef58033a37aeb290dbc94bf4dfb19
SHA1

0fb7c03ca0c5efdf9962cc667a16ffe85c8e897d
SHA256

49ee0d06e386bb80d0abba402a0fa0f3fadda59ce454371f0e2c5649385c5a21
SHA512

0f9be71c4058125788454baed56bd2cf9a31e3c16c01be508beb3c8584f8cdfff9de48fa4529c0871207a8c1df9f3ad3a100e79725dd128d79545144de69eba3
SSDEEP

1536:kmDWRgsNdgseTwSoNosdX+m5lssSHuc2sg0O9uhtXu7:jCRpngwSaFpB8Xu7

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  189ef58033a37aeb290dbc94bf4dfb19_JaffaCakes118
- Size
  
  66KB
- MD5
  
  189ef58033a37aeb290dbc94bf4dfb19
- SHA1
  
  0fb7c03ca0c5efdf9962cc667a16ffe85c8e897d
- SHA256
  
  49ee0d06e386bb80d0abba402a0fa0f3fadda59ce454371f0e2c5649385c5a21
- SHA512
  
  0f9be71c4058125788454baed56bd2cf9a31e3c16c01be508beb3c8584f8cdfff9de48fa4529c0871207a8c1df9f3ad3a100e79725dd128d79545144de69eba3
- SSDEEP
  
  1536:kmDWRgsNdgseTwSoNosdX+m5lssSHuc2sg0O9uhtXu7:jCRpngwSaFpB8Xu7
Score

7^/10

persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2