35d0e3f30421d583cff55f776adf4eb41af622c5adc1ba89304f39ab27e91bc6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2de2c66acc290d38bf21baef62d9d9c2_JaffaCakes118
Size

45KB
Sample

240708-1fxkwasdrf
MD5

2de2c66acc290d38bf21baef62d9d9c2
SHA1

e7abd919485ce2502430169f32df8af82255f078
SHA256

35d0e3f30421d583cff55f776adf4eb41af622c5adc1ba89304f39ab27e91bc6
SHA512

0d12ecd395d29a7d7c52f91fe56c94b9bd0ee978057e5e15559732c2531fdffc54bad07c63522747acc419ad161f11c861545c5ac18dc399d12b45c42f6b7f73
SSDEEP

768:dfNmvp7L7cTovlBUZWwXKeQLNcdwivyucXgQxfA:dFM7nc4BUZJ6b5cSiv70xfA

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2de2c66acc290d38bf21baef62d9d9c2_JaffaCakes118
- Size
  
  45KB
- MD5
  
  2de2c66acc290d38bf21baef62d9d9c2
- SHA1
  
  e7abd919485ce2502430169f32df8af82255f078
- SHA256
  
  35d0e3f30421d583cff55f776adf4eb41af622c5adc1ba89304f39ab27e91bc6
- SHA512
  
  0d12ecd395d29a7d7c52f91fe56c94b9bd0ee978057e5e15559732c2531fdffc54bad07c63522747acc419ad161f11c861545c5ac18dc399d12b45c42f6b7f73
- SSDEEP
  
  768:dfNmvp7L7cTovlBUZWwXKeQLNcdwivyucXgQxfA:dFM7nc4BUZJ6b5cSiv70xfA
Score

8^/10

persistence
- Blocklisted process makes network request
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2