f7cf18dd12048a1435c5489ea147dc0e660c1ba7f8adb5d8dad2e121cd3bf592 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21271a828e19105a9fe86b1fc7c725fd_JaffaCakes118
Size

14KB
Sample

240703-fnjzjasepq
MD5

21271a828e19105a9fe86b1fc7c725fd
SHA1

b8ead95c91762e14872358a5cbf15c35f094b108
SHA256

f7cf18dd12048a1435c5489ea147dc0e660c1ba7f8adb5d8dad2e121cd3bf592
SHA512

30ed1c34682e77a542ca5d2c3a787282627742ab5c4b342762c883f62b1918b693756088c2ded2b31eb6251fe64e450db3a014c18b5326e70818def9328dbf8d
SSDEEP

384:3sMMAsQa9M9E+1is020sKrfTw/N64y5qSYPAojI:cMMAsBIiVXMfy5qTPC

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  21271a828e19105a9fe86b1fc7c725fd_JaffaCakes118
- Size
  
  14KB
- MD5
  
  21271a828e19105a9fe86b1fc7c725fd
- SHA1
  
  b8ead95c91762e14872358a5cbf15c35f094b108
- SHA256
  
  f7cf18dd12048a1435c5489ea147dc0e660c1ba7f8adb5d8dad2e121cd3bf592
- SHA512
  
  30ed1c34682e77a542ca5d2c3a787282627742ab5c4b342762c883f62b1918b693756088c2ded2b31eb6251fe64e450db3a014c18b5326e70818def9328dbf8d
- SSDEEP
  
  384:3sMMAsQa9M9E+1is020sKrfTw/N64y5qSYPAojI:cMMAsBIiVXMfy5qTPC
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2