592ad8f762a9456c35092f9ba8efb308f2720579f7aa5c2fd8c2d8aa8a284468 | Triage

Sharing

General

Target

5e3ae42a1b148c3f1f939957c22bdd97_JaffaCakes118
Size

220KB
Sample

240719-3zjjgawhpk
MD5

5e3ae42a1b148c3f1f939957c22bdd97
SHA1

f5c7b9109b710d45bc1d3f49a195b2e9fb2d5ecf
SHA256

592ad8f762a9456c35092f9ba8efb308f2720579f7aa5c2fd8c2d8aa8a284468
SHA512

595a81e214a0edc8ba765336ed56852b44956a10a0ef8d686ca02c6c57f05c25aaee11522896c714d3f2c4e72dcc01deb60212ec0b36fe2a9cced61e502861fc
SSDEEP

3072:HtpPHZQtckqwyznOKGEWnifIZYJQZkpR6hIkMtT/FgqdZQFmg5+2vQbe:Np2txyz/GHi6BZkpSMtRhwFTbvQbe

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  5e3ae42a1b148c3f1f939957c22bdd97_JaffaCakes118
- Size
  
  220KB
- MD5
  
  5e3ae42a1b148c3f1f939957c22bdd97
- SHA1
  
  f5c7b9109b710d45bc1d3f49a195b2e9fb2d5ecf
- SHA256
  
  592ad8f762a9456c35092f9ba8efb308f2720579f7aa5c2fd8c2d8aa8a284468
- SHA512
  
  595a81e214a0edc8ba765336ed56852b44956a10a0ef8d686ca02c6c57f05c25aaee11522896c714d3f2c4e72dcc01deb60212ec0b36fe2a9cced61e502861fc
- SSDEEP
  
  3072:HtpPHZQtckqwyznOKGEWnifIZYJQZkpR6hIkMtT/FgqdZQFmg5+2vQbe:Np2txyz/GHi6BZkpSMtRhwFTbvQbe
Score

8^/10

persistence
- Drops file in Drivers directory
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2