41f20a706b738c680e3ffb26e260673945b6ad5a9c3ca0b13f13edded0658ecf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c5ab7d6c8245e9fbbcc78ced911ee0b_JaffaCakes118
Size

230KB
Sample

240719-rxzbcswckp
MD5

5c5ab7d6c8245e9fbbcc78ced911ee0b
SHA1

3bff3f6a287f1f3ba8f8e2c5fd2e2d04038a59d1
SHA256

41f20a706b738c680e3ffb26e260673945b6ad5a9c3ca0b13f13edded0658ecf
SHA512

970e546859399f8cc45255dec0aee4e4d8a4fd2edb780ae46641259655cee1917b55b9400afa21b2bf047a920211e90027d0b22335a687c982a6628deb7595b2
SSDEEP

1536:rlX3piGV13fYn/yF73wVComfIwIZqkbhwaQVTfOW0lsEr+5gL/lG8G8wik5i0:JN13gnOZIwNo4fO7rMgbNwik5n

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  5c5ab7d6c8245e9fbbcc78ced911ee0b_JaffaCakes118
- Size
  
  230KB
- MD5
  
  5c5ab7d6c8245e9fbbcc78ced911ee0b
- SHA1
  
  3bff3f6a287f1f3ba8f8e2c5fd2e2d04038a59d1
- SHA256
  
  41f20a706b738c680e3ffb26e260673945b6ad5a9c3ca0b13f13edded0658ecf
- SHA512
  
  970e546859399f8cc45255dec0aee4e4d8a4fd2edb780ae46641259655cee1917b55b9400afa21b2bf047a920211e90027d0b22335a687c982a6628deb7595b2
- SSDEEP
  
  1536:rlX3piGV13fYn/yF73wVComfIwIZqkbhwaQVTfOW0lsEr+5gL/lG8G8wik5i0:JN13gnOZIwNo4fO7rMgbNwik5n
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2