d348b37ef885150abc3139c62a26c511ff120041e82879218b2a1560c5fa5429 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d0cb602c72fb64e24a1613eeaf96f5c_JaffaCakes118
Size

72KB
Sample

240716-gjm13azhqd
MD5

4d0cb602c72fb64e24a1613eeaf96f5c
SHA1

fb2fa7794a7dd3109f418fb3d73b8f24117088da
SHA256

d348b37ef885150abc3139c62a26c511ff120041e82879218b2a1560c5fa5429
SHA512

47f44e888601ad5ac65f30429d9439e7691b6b300ae59354c4d1a1d196f1a63bb810124ae40b28c0be614b5f11c1aee477602c1b77150b9e1251717cd0d1b285
SSDEEP

768:Tcn3TPexwDvKLzMdvpybYcOqXd8nqDj1/WsO:Tabe5zwvYnaqDh/g

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  4d0cb602c72fb64e24a1613eeaf96f5c_JaffaCakes118
- Size
  
  72KB
- MD5
  
  4d0cb602c72fb64e24a1613eeaf96f5c
- SHA1
  
  fb2fa7794a7dd3109f418fb3d73b8f24117088da
- SHA256
  
  d348b37ef885150abc3139c62a26c511ff120041e82879218b2a1560c5fa5429
- SHA512
  
  47f44e888601ad5ac65f30429d9439e7691b6b300ae59354c4d1a1d196f1a63bb810124ae40b28c0be614b5f11c1aee477602c1b77150b9e1251717cd0d1b285
- SSDEEP
  
  768:Tcn3TPexwDvKLzMdvpybYcOqXd8nqDj1/WsO:Tabe5zwvYnaqDh/g
Score

7^/10

persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2