42aacc994c0de73b8e4fad0731a34b24cfbff2b78426c91c95544f46c1e9cd79 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b98a725e23c9afb014a778a083e660f_JaffaCakes118
Size

24KB
Sample

240712-cftbfswgkc
MD5

3b98a725e23c9afb014a778a083e660f
SHA1

b359102a9bca20733fcd1d02bed99073d87994aa
SHA256

42aacc994c0de73b8e4fad0731a34b24cfbff2b78426c91c95544f46c1e9cd79
SHA512

88d0f3269ef9af2d841c53410eed84392c19dc346908108e514e995851293b7a86ef363a771f7396f92b518f96d938cf3313fb9e1739711c826004f109cc32f9
SSDEEP

384:AlCh7iN/WEVOTI/t4//7ypGX6njwrJl/14vnFa2LumVi672XrrG225C9rwRa:yCVJuN/tIqY6n8favFasu8qrPWCEa

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3b98a725e23c9afb014a778a083e660f_JaffaCakes118
- Size
  
  24KB
- MD5
  
  3b98a725e23c9afb014a778a083e660f
- SHA1
  
  b359102a9bca20733fcd1d02bed99073d87994aa
- SHA256
  
  42aacc994c0de73b8e4fad0731a34b24cfbff2b78426c91c95544f46c1e9cd79
- SHA512
  
  88d0f3269ef9af2d841c53410eed84392c19dc346908108e514e995851293b7a86ef363a771f7396f92b518f96d938cf3313fb9e1739711c826004f109cc32f9
- SSDEEP
  
  384:AlCh7iN/WEVOTI/t4//7ypGX6njwrJl/14vnFa2LumVi672XrrG225C9rwRa:yCVJuN/tIqY6n8favFasu8qrPWCEa
Score

7^/10

persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2