b51024aadb73de31e0f7540b125862d2ecad7cefbab5ab66944d4c0453b13c71 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

59f6804172993c2f8a59ace860fb0d84_JaffaCakes118
Size

609KB
Sample

240719-b5v1xazelb
MD5

59f6804172993c2f8a59ace860fb0d84
SHA1

a5b8c86067f75c029dc94fb9f78fba169f6bd5bb
SHA256

b51024aadb73de31e0f7540b125862d2ecad7cefbab5ab66944d4c0453b13c71
SHA512

971728aaa072d858e79d15cc422e2a6ab1d9496438ad0d836e9e053f0dc2d2f47e6930df7ba242f61f300cdab09a3f645d21de4937f0c57cc34749b5d44788aa
SSDEEP

12288:6hw0Sgkid7wuPUYjiwONpuSNqs4dGhWzca4caKFIqZxqO80rAKsp+:6hwp7mcuPUYjiwONpuSNqsCGhWzGKiLw

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  59f6804172993c2f8a59ace860fb0d84_JaffaCakes118
- Size
  
  609KB
- MD5
  
  59f6804172993c2f8a59ace860fb0d84
- SHA1
  
  a5b8c86067f75c029dc94fb9f78fba169f6bd5bb
- SHA256
  
  b51024aadb73de31e0f7540b125862d2ecad7cefbab5ab66944d4c0453b13c71
- SHA512
  
  971728aaa072d858e79d15cc422e2a6ab1d9496438ad0d836e9e053f0dc2d2f47e6930df7ba242f61f300cdab09a3f645d21de4937f0c57cc34749b5d44788aa
- SSDEEP
  
  12288:6hw0Sgkid7wuPUYjiwONpuSNqs4dGhWzca4caKFIqZxqO80rAKsp+:6hwp7mcuPUYjiwONpuSNqsCGhWzGKiLw
Score

8^/10

persistence
- Drops file in Drivers directory
- Sets service image path in registry
  persistence
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2