c93818f56942ab9439f5b6f00fa9c476773db0e5cbf156c1bc4d10748a63c96d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3863ba4c5fe5b2b64e2a40cafbd1e37b_JaffaCakes118
Size

52KB
Sample

240711-kc3dyszhnh
MD5

3863ba4c5fe5b2b64e2a40cafbd1e37b
SHA1

76e8ec80fffb2fd98e620b9d04b53f8480866e09
SHA256

c93818f56942ab9439f5b6f00fa9c476773db0e5cbf156c1bc4d10748a63c96d
SHA512

90717e71438ba774766e1e7b12389db76195dd02a9f2c30bdfc8c03db140f90ac388636cbf04abfefdeba5a16e4da42f88ea8bdf0c05269fbfd10e81496eaed5
SSDEEP

768:vT8exG620XjzngTRmhlOLWsyjNUYLGNY1C/9t6+1N45+1uUp+IoBgYa4M:b8QGAPnthISsymYL4/9t6+1uI1FzB

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  3863ba4c5fe5b2b64e2a40cafbd1e37b_JaffaCakes118
- Size
  
  52KB
- MD5
  
  3863ba4c5fe5b2b64e2a40cafbd1e37b
- SHA1
  
  76e8ec80fffb2fd98e620b9d04b53f8480866e09
- SHA256
  
  c93818f56942ab9439f5b6f00fa9c476773db0e5cbf156c1bc4d10748a63c96d
- SHA512
  
  90717e71438ba774766e1e7b12389db76195dd02a9f2c30bdfc8c03db140f90ac388636cbf04abfefdeba5a16e4da42f88ea8bdf0c05269fbfd10e81496eaed5
- SSDEEP
  
  768:vT8exG620XjzngTRmhlOLWsyjNUYLGNY1C/9t6+1N45+1uUp+IoBgYa4M:b8QGAPnthISsymYL4/9t6+1uI1FzB
Score

8^/10

persistence
- Blocklisted process makes network request
- Drops file in Drivers directory
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2