524b6ef6399dab851c6da36ac3d2569ea076b5403aac896a324d47c58acae148 | Triage

Sharing

General

Target

4d927d11d82abc18260f23310f7753da_JaffaCakes118
Size

49KB
Sample

240716-kky2hateqk
MD5

4d927d11d82abc18260f23310f7753da
SHA1

3f7c83d8b6112533e9e9007dcc3d942aad6fe0ab
SHA256

524b6ef6399dab851c6da36ac3d2569ea076b5403aac896a324d47c58acae148
SHA512

45fe87dd3c0b9ff62028cbf9db310326705ec77dc3f1b87646036c83118810df56cb9261d7a1ff8c300d6c937023d9f22f64eaa53c772a78515f40266ad6ea93
SSDEEP

768:RM6vXHIn3W6z2SXibYPIKLiQZXVHjVRyYLv+OJxy8XBb2ffxUTQKwyIVOrpJk:RMUonmaXi/EZX9yYLxvxksyYpJk

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  4d927d11d82abc18260f23310f7753da_JaffaCakes118
- Size
  
  49KB
- MD5
  
  4d927d11d82abc18260f23310f7753da
- SHA1
  
  3f7c83d8b6112533e9e9007dcc3d942aad6fe0ab
- SHA256
  
  524b6ef6399dab851c6da36ac3d2569ea076b5403aac896a324d47c58acae148
- SHA512
  
  45fe87dd3c0b9ff62028cbf9db310326705ec77dc3f1b87646036c83118810df56cb9261d7a1ff8c300d6c937023d9f22f64eaa53c772a78515f40266ad6ea93
- SSDEEP
  
  768:RM6vXHIn3W6z2SXibYPIKLiQZXVHjVRyYLv+OJxy8XBb2ffxUTQKwyIVOrpJk:RMUonmaXi/EZX9yYLxvxksyYpJk
Score

8^/10

persistence
- Blocklisted process makes network request
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2