c5d161943588300c4677255d50aeacd9d6552d2d5d4f7a4202630f04abc7090b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d500517676b12e48615e886b1241fb1_JaffaCakes118
Size

159KB
Sample

240716-h644jatdrf
MD5

4d500517676b12e48615e886b1241fb1
SHA1

55bf3d261a9ad015212d61c06aa30dfba9903156
SHA256

c5d161943588300c4677255d50aeacd9d6552d2d5d4f7a4202630f04abc7090b
SHA512

120e76154aa9c22603e47d004e5bfeebe63dc1de35094b703659b6b849e43e5ddf0dea2c9b6c1d3c4b5eb57621a29d67122a325f51fb6788f449184393d91285
SSDEEP

3072:ez2CY1htTsv1vhxkuHMfZ81A1/emx5yb3pv3gpvuEcK3krZUz5L+B:4Y1htTs9vjMfZ81eQ3lg9ulKcZUzM

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  4d500517676b12e48615e886b1241fb1_JaffaCakes118
- Size
  
  159KB
- MD5
  
  4d500517676b12e48615e886b1241fb1
- SHA1
  
  55bf3d261a9ad015212d61c06aa30dfba9903156
- SHA256
  
  c5d161943588300c4677255d50aeacd9d6552d2d5d4f7a4202630f04abc7090b
- SHA512
  
  120e76154aa9c22603e47d004e5bfeebe63dc1de35094b703659b6b849e43e5ddf0dea2c9b6c1d3c4b5eb57621a29d67122a325f51fb6788f449184393d91285
- SSDEEP
  
  3072:ez2CY1htTsv1vhxkuHMfZ81A1/emx5yb3pv3gpvuEcK3krZUz5L+B:4Y1htTs9vjMfZ81eQ3lg9ulKcZUzM
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2