b87f5c17de8fd183393c9f436fb7f2eab01b7baa837871c02033a98974aae208 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d2e39e012b1161523272ab671385943_JaffaCakes118
Size

13KB
Sample

240712-njtl6stdmc
MD5

3d2e39e012b1161523272ab671385943
SHA1

6de849e685cea66b279f906f240fd5c1a3622f16
SHA256

b87f5c17de8fd183393c9f436fb7f2eab01b7baa837871c02033a98974aae208
SHA512

ce96b1c5e6df3165305cacaaefb418746652b2593ec2bea17b9a6e986aea789b7c078158f7973a6ee77be16c41b6dd755fad4ba25d776679265c6ad2a1d428a5
SSDEEP

384:N/OpcJix5cUxb7znzOOf/EAasNDqt5MVNn4uAs9:EpcJC5cUt77aSIKGt5M0+

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3d2e39e012b1161523272ab671385943_JaffaCakes118
- Size
  
  13KB
- MD5
  
  3d2e39e012b1161523272ab671385943
- SHA1
  
  6de849e685cea66b279f906f240fd5c1a3622f16
- SHA256
  
  b87f5c17de8fd183393c9f436fb7f2eab01b7baa837871c02033a98974aae208
- SHA512
  
  ce96b1c5e6df3165305cacaaefb418746652b2593ec2bea17b9a6e986aea789b7c078158f7973a6ee77be16c41b6dd755fad4ba25d776679265c6ad2a1d428a5
- SSDEEP
  
  384:N/OpcJix5cUxb7znzOOf/EAasNDqt5MVNn4uAs9:EpcJC5cUt77aSIKGt5M0+
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2