392b64aeed65407c9cb7336a4c89d1ef34111fd7b9c74c8b6e45b2c91b7bbc42 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21ad3791c38aa0ece724453649531c9e_JaffaCakes118
Size

19KB
Sample

240703-j71m6sybmj
MD5

21ad3791c38aa0ece724453649531c9e
SHA1

bc6b53830088e9fb099d0668973829470e196931
SHA256

392b64aeed65407c9cb7336a4c89d1ef34111fd7b9c74c8b6e45b2c91b7bbc42
SHA512

e483f9e37caf38e631d9d074758ddb6ea6da06c9e8d253b107dae0a7591b48d47715f51ac4a60762c917fc407e23f11ac0590bef6fa99937d6dd9df5ebe466e9
SSDEEP

384:0/c7Kxe4jLX1MQVt3KN5SQzSAxCvIcmdsXgn/wHEhdEQSIe6bDl2LzM4X:0/AKFvX1vt3KuQ3Cv8dWgYkAQfeQ

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  21ad3791c38aa0ece724453649531c9e_JaffaCakes118
- Size
  
  19KB
- MD5
  
  21ad3791c38aa0ece724453649531c9e
- SHA1
  
  bc6b53830088e9fb099d0668973829470e196931
- SHA256
  
  392b64aeed65407c9cb7336a4c89d1ef34111fd7b9c74c8b6e45b2c91b7bbc42
- SHA512
  
  e483f9e37caf38e631d9d074758ddb6ea6da06c9e8d253b107dae0a7591b48d47715f51ac4a60762c917fc407e23f11ac0590bef6fa99937d6dd9df5ebe466e9
- SSDEEP
  
  384:0/c7Kxe4jLX1MQVt3KN5SQzSAxCvIcmdsXgn/wHEhdEQSIe6bDl2LzM4X:0/AKFvX1vt3KuQ3Cv8dWgYkAQfeQ
Score

7^/10

persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2