4a05aa4c2c7523849834507c1fd2d9ccec497cb9784217cb3d93912f29734735 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

636ad7280a12b3a3b3d16107dc7e7d59_JaffaCakes118
Size

38KB
Sample

240722-q48mya1fmq
MD5

636ad7280a12b3a3b3d16107dc7e7d59
SHA1

89a8a983c01e6d77d7b4f55150a1f65d5e69e3a3
SHA256

4a05aa4c2c7523849834507c1fd2d9ccec497cb9784217cb3d93912f29734735
SHA512

3d98053acc1c16de1688e4eb6dfa55f5faaebb87774a9b0700dabfed231666545032c15a408914e235843cc43908b3724b920302189aa7e877fde47a4c422ca5
SSDEEP

768:/5QrYcgj2UWrhwpU1ETS1Sqdp5/Cuumwr/QhAGlDFx0aK+Hvrou2:/2rYNCUKhAU1ETqSGDCb7jQhRlpK7+D6

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  636ad7280a12b3a3b3d16107dc7e7d59_JaffaCakes118
- Size
  
  38KB
- MD5
  
  636ad7280a12b3a3b3d16107dc7e7d59
- SHA1
  
  89a8a983c01e6d77d7b4f55150a1f65d5e69e3a3
- SHA256
  
  4a05aa4c2c7523849834507c1fd2d9ccec497cb9784217cb3d93912f29734735
- SHA512
  
  3d98053acc1c16de1688e4eb6dfa55f5faaebb87774a9b0700dabfed231666545032c15a408914e235843cc43908b3724b920302189aa7e877fde47a4c422ca5
- SSDEEP
  
  768:/5QrYcgj2UWrhwpU1ETS1Sqdp5/Cuumwr/QhAGlDFx0aK+Hvrou2:/2rYNCUKhAU1ETqSGDCb7jQhRlpK7+D6
Score

8^/10

persistence
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2