faa4b8e126aa40c79c41f964520d298434ef6b0c9a46291cc573cf3faae20c85 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22503e43e69c0b203f268d1ffa0256bc_JaffaCakes118
Size

113KB
Sample

240703-n4nlnascme
MD5

22503e43e69c0b203f268d1ffa0256bc
SHA1

87bbecd5caacda15bc20b8a02ec099ffdab7b228
SHA256

faa4b8e126aa40c79c41f964520d298434ef6b0c9a46291cc573cf3faae20c85
SHA512

e305b920fc01ab8fab2a6ebe0981a10f1bad1ca738e5d22b4d843b5d84f25bb18f0e902538c052d67485974db3c87c6d50c18e7996336767e4328e09917ff879
SSDEEP

3072:izOo6ySNb+zUbp8FxsooLUPQzYO97pDXJgZ:mQyqp8FxsooYPFO97p

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  22503e43e69c0b203f268d1ffa0256bc_JaffaCakes118
- Size
  
  113KB
- MD5
  
  22503e43e69c0b203f268d1ffa0256bc
- SHA1
  
  87bbecd5caacda15bc20b8a02ec099ffdab7b228
- SHA256
  
  faa4b8e126aa40c79c41f964520d298434ef6b0c9a46291cc573cf3faae20c85
- SHA512
  
  e305b920fc01ab8fab2a6ebe0981a10f1bad1ca738e5d22b4d843b5d84f25bb18f0e902538c052d67485974db3c87c6d50c18e7996336767e4328e09917ff879
- SSDEEP
  
  3072:izOo6ySNb+zUbp8FxsooLUPQzYO97pDXJgZ:mQyqp8FxsooYPFO97p
Score

7^/10

persistence
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2