7ab87580536e967d49595df8433aa9997b51aa6115ecba2496a2ce9b8884c8b8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fda10b205075edd719d2bfec02fb9ef_JaffaCakes118
Size

396KB
Sample

240720-kz7xysyflg
MD5

5fda10b205075edd719d2bfec02fb9ef
SHA1

b9eafa7f78d07f49597b6ce1c1075ce5d14fb89e
SHA256

7ab87580536e967d49595df8433aa9997b51aa6115ecba2496a2ce9b8884c8b8
SHA512

1668c3ed51b6e7fd60c97f46c2d6bb712ad5dd81147d9a27a82376b160fcf25e8cccfab8a0f52b7813ea9e0e9891f0f60645b834f839ac6d0255d2d03e3bea25
SSDEEP

6144:/a724P15fvM6xskS/xi9jsfHJUgEMusqqk6t8aaY1zJH19LLql4lw9:e2o15fvM6VjmpUgJ+6tRaYDHrLLAb

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  5fda10b205075edd719d2bfec02fb9ef_JaffaCakes118
- Size
  
  396KB
- MD5
  
  5fda10b205075edd719d2bfec02fb9ef
- SHA1
  
  b9eafa7f78d07f49597b6ce1c1075ce5d14fb89e
- SHA256
  
  7ab87580536e967d49595df8433aa9997b51aa6115ecba2496a2ce9b8884c8b8
- SHA512
  
  1668c3ed51b6e7fd60c97f46c2d6bb712ad5dd81147d9a27a82376b160fcf25e8cccfab8a0f52b7813ea9e0e9891f0f60645b834f839ac6d0255d2d03e3bea25
- SSDEEP
  
  6144:/a724P15fvM6xskS/xi9jsfHJUgEMusqqk6t8aaY1zJH19LLql4lw9:e2o15fvM6VjmpUgJ+6tRaYDHrLLAb
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2