7b5f04fe17a3aeb6a14b52e696b8fb95ccd46d06015f7e08cac53f79d0a7e040 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6824db1db5a5c80c238e4be958857f92_JaffaCakes118
Size

356KB
Sample

240723-sxhjaazdnh
MD5

6824db1db5a5c80c238e4be958857f92
SHA1

f49731f4377ce3ca5c1ad5232db365522a68cabd
SHA256

7b5f04fe17a3aeb6a14b52e696b8fb95ccd46d06015f7e08cac53f79d0a7e040
SHA512

cfbeb3d3287863c9927506520a8c0a4c8dc7ed0a0d29c0eb53aae1e4e21c40c02d169b01bb73c03017223a629f8dc0188d977d4aa4299d00be093c2efa9238a9
SSDEEP

6144:/JCsArgpdiPNBCU0hgZb7NVS9qlBFc1d6YpOV6vqvXeuIS4ChZYy:/UMpd+zCFgJXKLMVPvXPIS5

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  6824db1db5a5c80c238e4be958857f92_JaffaCakes118
- Size
  
  356KB
- MD5
  
  6824db1db5a5c80c238e4be958857f92
- SHA1
  
  f49731f4377ce3ca5c1ad5232db365522a68cabd
- SHA256
  
  7b5f04fe17a3aeb6a14b52e696b8fb95ccd46d06015f7e08cac53f79d0a7e040
- SHA512
  
  cfbeb3d3287863c9927506520a8c0a4c8dc7ed0a0d29c0eb53aae1e4e21c40c02d169b01bb73c03017223a629f8dc0188d977d4aa4299d00be093c2efa9238a9
- SSDEEP
  
  6144:/JCsArgpdiPNBCU0hgZb7NVS9qlBFc1d6YpOV6vqvXeuIS4ChZYy:/UMpd+zCFgJXKLMVPvXPIS5
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2