2f319c522bce7d3a7853bfb9c88574924ae15a0f68d58feac19d9bb9033b0ce1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

63f432aec9772a884160d896882cbe0a_JaffaCakes118
Size

14KB
Sample

240722-t6ednaxaja
MD5

63f432aec9772a884160d896882cbe0a
SHA1

22b37f7ee38f08666195e5851de117643d582fba
SHA256

2f319c522bce7d3a7853bfb9c88574924ae15a0f68d58feac19d9bb9033b0ce1
SHA512

025cc07d8f89b2c97c183845f331d36fc5d2ea8cc6680398281ceccb9e0aa31ef0909aebcfb63f6f6e5dbb5ad148926a295eb45d8cd6c0cd56173b460be89ce0
SSDEEP

384:1o+PRpVf1vpCtuMihEM2P5Nt6tA6gbvqQj85A:15PRpV9YMMmEM2P5Nt6sRj8a

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  63f432aec9772a884160d896882cbe0a_JaffaCakes118
- Size
  
  14KB
- MD5
  
  63f432aec9772a884160d896882cbe0a
- SHA1
  
  22b37f7ee38f08666195e5851de117643d582fba
- SHA256
  
  2f319c522bce7d3a7853bfb9c88574924ae15a0f68d58feac19d9bb9033b0ce1
- SHA512
  
  025cc07d8f89b2c97c183845f331d36fc5d2ea8cc6680398281ceccb9e0aa31ef0909aebcfb63f6f6e5dbb5ad148926a295eb45d8cd6c0cd56173b460be89ce0
- SSDEEP
  
  384:1o+PRpVf1vpCtuMihEM2P5Nt6tA6gbvqQj85A:15PRpV9YMMmEM2P5Nt6sRj8a
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2