6c83d9d5bfad012929f61a86be5e4d124295606d5791909d457579fdb359b10d | Triage

Sharing

General

Target

60c0bd3dbd82e7e559c9a9415b8f7d61_JaffaCakes118
Size

236KB
Sample

240721-v13pqswfrc
MD5

60c0bd3dbd82e7e559c9a9415b8f7d61
SHA1

c382998ad8c9c29949e8f868c8f5f018e4fea76d
SHA256

6c83d9d5bfad012929f61a86be5e4d124295606d5791909d457579fdb359b10d
SHA512

3ee8e3a41a2bb175d4bfc208b9860239dbb8cd74bcf55b64884513d644cccb3ea0656b281cd9cae92537123b4c1c7711edd5cb086a7f4e51f46a0d750e6c9204
SSDEEP

1536:1dKaTHN2ymZ0ofa5uQm4V7HG8ldINh+RhFtFftCgpcGO5lPf/XG8GmGwktbR:1Y4tIQG8XAmbFfaGc1fawk1R

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  60c0bd3dbd82e7e559c9a9415b8f7d61_JaffaCakes118
- Size
  
  236KB
- MD5
  
  60c0bd3dbd82e7e559c9a9415b8f7d61
- SHA1
  
  c382998ad8c9c29949e8f868c8f5f018e4fea76d
- SHA256
  
  6c83d9d5bfad012929f61a86be5e4d124295606d5791909d457579fdb359b10d
- SHA512
  
  3ee8e3a41a2bb175d4bfc208b9860239dbb8cd74bcf55b64884513d644cccb3ea0656b281cd9cae92537123b4c1c7711edd5cb086a7f4e51f46a0d750e6c9204
- SSDEEP
  
  1536:1dKaTHN2ymZ0ofa5uQm4V7HG8ldINh+RhFtFftCgpcGO5lPf/XG8GmGwktbR:1Y4tIQG8XAmbFfaGc1fawk1R
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2