0221bf57bfe8c18368e101d74f437c2037b443ff55dc2cb3a52e6a82c6794cd4 | Triage

Sharing

General

Target

2e8d299b09c7189f75eab720ba7cf7f6_JaffaCakes118
Size

19KB
Sample

240709-b1spzssbnb
MD5

2e8d299b09c7189f75eab720ba7cf7f6
SHA1

f1cf8efadbbccfc8e7761657080c989cf1fab4d4
SHA256

0221bf57bfe8c18368e101d74f437c2037b443ff55dc2cb3a52e6a82c6794cd4
SHA512

ba76f77a9050fac273351707751e39d8887f3ef097a452264aa0ddd796643f40b7977c490170313e3391b3f109adcee856a6b4144ad7c4fc298cc4bb7a052f2a
SSDEEP

384:jWKSeWzKJqKo8phK65/ydMLcQkgGT/V83FIy+qU:qWkZ8ps6s+tk9LWeyfU

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2e8d299b09c7189f75eab720ba7cf7f6_JaffaCakes118
- Size
  
  19KB
- MD5
  
  2e8d299b09c7189f75eab720ba7cf7f6
- SHA1
  
  f1cf8efadbbccfc8e7761657080c989cf1fab4d4
- SHA256
  
  0221bf57bfe8c18368e101d74f437c2037b443ff55dc2cb3a52e6a82c6794cd4
- SHA512
  
  ba76f77a9050fac273351707751e39d8887f3ef097a452264aa0ddd796643f40b7977c490170313e3391b3f109adcee856a6b4144ad7c4fc298cc4bb7a052f2a
- SSDEEP
  
  384:jWKSeWzKJqKo8phK65/ydMLcQkgGT/V83FIy+qU:qWkZ8ps6s+tk9LWeyfU
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2