468c12e63dd6cdf5df6c370f0261c34dcc6248b95aab9912787ca69d800789bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e3f5d1c01888dc4e22d0251f522d6b8_JaffaCakes118
Size

32KB
Sample

240712-v49bpatbjl
MD5

3e3f5d1c01888dc4e22d0251f522d6b8
SHA1

b8d02803f2160ceda020c978455e849744c2af07
SHA256

468c12e63dd6cdf5df6c370f0261c34dcc6248b95aab9912787ca69d800789bf
SHA512

3a7b1963ca4593e56924fc1af6da7743340809f6ed236707daf1d4e1ec6080fd02e2260dfe67c959ce5f0f4d69915aa4b24328f27e46f3846f91e4fcd6212c85
SSDEEP

384:WqX0XQXXq2tCOpnDqf9ptAy2FPWz9ncBV0UuCYIElQU5eT9VO5ueoCKyC/9Y45HW:W20An3ZpnDGptYloznn4/JTXZZM9ZvN

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3e3f5d1c01888dc4e22d0251f522d6b8_JaffaCakes118
- Size
  
  32KB
- MD5
  
  3e3f5d1c01888dc4e22d0251f522d6b8
- SHA1
  
  b8d02803f2160ceda020c978455e849744c2af07
- SHA256
  
  468c12e63dd6cdf5df6c370f0261c34dcc6248b95aab9912787ca69d800789bf
- SHA512
  
  3a7b1963ca4593e56924fc1af6da7743340809f6ed236707daf1d4e1ec6080fd02e2260dfe67c959ce5f0f4d69915aa4b24328f27e46f3846f91e4fcd6212c85
- SSDEEP
  
  384:WqX0XQXXq2tCOpnDqf9ptAy2FPWz9ncBV0UuCYIElQU5eT9VO5ueoCKyC/9Y45HW:W20An3ZpnDGptYloznn4/JTXZZM9ZvN
Score

7^/10

persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2