85bdfcae4d23355a78401d4e0a073a79f01113ee6968f6c5287d4f60a8194154 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41805fbcfd7be65f9df59b84db2bba8c_JaffaCakes118
Size

16KB
Sample

240713-npvres1dpe
MD5

41805fbcfd7be65f9df59b84db2bba8c
SHA1

1c7625b2455a9fe64a610129c32b2b99abbdb598
SHA256

85bdfcae4d23355a78401d4e0a073a79f01113ee6968f6c5287d4f60a8194154
SHA512

b3517ffc85e62ae61cf010b53f340973aa43afb44a154df9883536064266b5fed8d7456cbc2a868613f67bcd1d0e9cfca3460f18a735cda48e28427e1a05c5d7
SSDEEP

384:2neaEpTYgmZthMLK6+s/7ghI0MKqmDiN+/ZkR5j4SkvzfIE:eexTYFXi+657gRMKqmDkE2j4R7gE

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  41805fbcfd7be65f9df59b84db2bba8c_JaffaCakes118
- Size
  
  16KB
- MD5
  
  41805fbcfd7be65f9df59b84db2bba8c
- SHA1
  
  1c7625b2455a9fe64a610129c32b2b99abbdb598
- SHA256
  
  85bdfcae4d23355a78401d4e0a073a79f01113ee6968f6c5287d4f60a8194154
- SHA512
  
  b3517ffc85e62ae61cf010b53f340973aa43afb44a154df9883536064266b5fed8d7456cbc2a868613f67bcd1d0e9cfca3460f18a735cda48e28427e1a05c5d7
- SSDEEP
  
  384:2neaEpTYgmZthMLK6+s/7ghI0MKqmDiN+/ZkR5j4SkvzfIE:eexTYFXi+657gRMKqmDkE2j4R7gE
Score

7^/10

persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2