375ff1105cd20b683f441014ba8988b1e15327c6bf3457a971e3629c6afe022f | Triage

Sharing

General

Target

1b2f8831502828b78c1b695d74c67b38_JaffaCakes118
Size

13KB
Sample

240701-nzxzjazdqc
MD5

1b2f8831502828b78c1b695d74c67b38
SHA1

00285aeb117e125ef5cf1bdb240b758f603f037e
SHA256

375ff1105cd20b683f441014ba8988b1e15327c6bf3457a971e3629c6afe022f
SHA512

d7b22f7997739b9edf19f46bcc74f93899413748200276b0fe07320c3d1500210dcbae4f46bd44f9b11054814428c71312430bad3b8c8c50cdcaef20a1e0a4d8
SSDEEP

384:emWDlkSA2Ji8MJpHX7P8dE00zK2G7rfLD4GEFq/:emQfKpHuEZzKZTD4GEF0

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  1b2f8831502828b78c1b695d74c67b38_JaffaCakes118
- Size
  
  13KB
- MD5
  
  1b2f8831502828b78c1b695d74c67b38
- SHA1
  
  00285aeb117e125ef5cf1bdb240b758f603f037e
- SHA256
  
  375ff1105cd20b683f441014ba8988b1e15327c6bf3457a971e3629c6afe022f
- SHA512
  
  d7b22f7997739b9edf19f46bcc74f93899413748200276b0fe07320c3d1500210dcbae4f46bd44f9b11054814428c71312430bad3b8c8c50cdcaef20a1e0a4d8
- SSDEEP
  
  384:emWDlkSA2Ji8MJpHX7P8dE00zK2G7rfLD4GEFq/:emQfKpHuEZzKZTD4GEF0
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2