551a842bf21e87573f3b876ef3b2886ca9f8fe4ef477c7f5c466d1b982f2d25d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24f6c74f43ce4d408406b0bdbf3b5275_JaffaCakes118
Size

44KB
Sample

240704-hcy1es1dnd
MD5

24f6c74f43ce4d408406b0bdbf3b5275
SHA1

656ee9c558c75d2996ba5cf6b0473efb8de71587
SHA256

551a842bf21e87573f3b876ef3b2886ca9f8fe4ef477c7f5c466d1b982f2d25d
SHA512

ac4517dbf00114ba46591420e501a600da05150b3943b93f744f561551bc3362c32cb4a1236558d5ab22aa6ebdf84815774742f4242e616b2c1f02e322aad0d6
SSDEEP

768:YVIkS1E6as/o4eI/3xnTC9lP0sh9H/Obpv7wE:YVIkSEs/o4+3jH/W77

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  24f6c74f43ce4d408406b0bdbf3b5275_JaffaCakes118
- Size
  
  44KB
- MD5
  
  24f6c74f43ce4d408406b0bdbf3b5275
- SHA1
  
  656ee9c558c75d2996ba5cf6b0473efb8de71587
- SHA256
  
  551a842bf21e87573f3b876ef3b2886ca9f8fe4ef477c7f5c466d1b982f2d25d
- SHA512
  
  ac4517dbf00114ba46591420e501a600da05150b3943b93f744f561551bc3362c32cb4a1236558d5ab22aa6ebdf84815774742f4242e616b2c1f02e322aad0d6
- SSDEEP
  
  768:YVIkS1E6as/o4eI/3xnTC9lP0sh9H/Obpv7wE:YVIkSEs/o4+3jH/W77
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2