c2f566a953ee54e71e739cd1850a7d5a83a4e489236463b96d7ea99ac0997000 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28fe3e89caeb96d421c84e953ed470ad_JaffaCakes118
Size

129KB
Sample

240706-vzhm6sygmg
MD5

28fe3e89caeb96d421c84e953ed470ad
SHA1

06df5099e128cbd1f774c9c07cc7e0095f8f302f
SHA256

c2f566a953ee54e71e739cd1850a7d5a83a4e489236463b96d7ea99ac0997000
SHA512

028be6f7d9819d8559cf8ff076620c60d68f72bdc793e2d932eb491b44a4fc7dc15409ae5efdf094b76b3cd7d3fba756d330ea5499806ab0c180f9c7f12eaa1c
SSDEEP

3072:DkKCZMNnC2MtJRC5zDLP/tQWgV7mgvpJappHOL5PFn0wcccccccc:DkKCZMNj6C5zDLNQRrpgppH0PFn0wccL

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  28fe3e89caeb96d421c84e953ed470ad_JaffaCakes118
- Size
  
  129KB
- MD5
  
  28fe3e89caeb96d421c84e953ed470ad
- SHA1
  
  06df5099e128cbd1f774c9c07cc7e0095f8f302f
- SHA256
  
  c2f566a953ee54e71e739cd1850a7d5a83a4e489236463b96d7ea99ac0997000
- SHA512
  
  028be6f7d9819d8559cf8ff076620c60d68f72bdc793e2d932eb491b44a4fc7dc15409ae5efdf094b76b3cd7d3fba756d330ea5499806ab0c180f9c7f12eaa1c
- SSDEEP
  
  3072:DkKCZMNnC2MtJRC5zDLP/tQWgV7mgvpJappHOL5PFn0wcccccccc:DkKCZMNj6C5zDLNQRrpgppH0PFn0wccL
Score

8^/10

persistence
- Blocklisted process makes network request
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2