3474f4f4bb7ae6ba4dd0a241bd686c5863c0600998527a1f7e2583e28d150f48 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28b9e609f0097859b27b57e106eedad5_JaffaCakes118
Size

15KB
Sample

240706-tbcxcatdqp
MD5

28b9e609f0097859b27b57e106eedad5
SHA1

288aa76ee16d64751ccd2bbddfc0cafbda1bfe5b
SHA256

3474f4f4bb7ae6ba4dd0a241bd686c5863c0600998527a1f7e2583e28d150f48
SHA512

6201570e738708a8a469e26a230f4f9a18078cf3df2150e3a149d6776da3d35c0defb368e8b4288685907dc4285a458ae5e81f67706aed0cce0e9fdcb6fa6f97
SSDEEP

384:7kRLsDO7ZVWZ4XTDyrfI2Z91dVbxuWotfdtCf16pnGVv73s:7k1sDO7Z8C2VbxolnU1UnGVTs

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  28b9e609f0097859b27b57e106eedad5_JaffaCakes118
- Size
  
  15KB
- MD5
  
  28b9e609f0097859b27b57e106eedad5
- SHA1
  
  288aa76ee16d64751ccd2bbddfc0cafbda1bfe5b
- SHA256
  
  3474f4f4bb7ae6ba4dd0a241bd686c5863c0600998527a1f7e2583e28d150f48
- SHA512
  
  6201570e738708a8a469e26a230f4f9a18078cf3df2150e3a149d6776da3d35c0defb368e8b4288685907dc4285a458ae5e81f67706aed0cce0e9fdcb6fa6f97
- SSDEEP
  
  384:7kRLsDO7ZVWZ4XTDyrfI2Z91dVbxuWotfdtCf16pnGVv73s:7k1sDO7Z8C2VbxolnU1UnGVTs
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2