22145388c091b029c500e9f91c6bcf8aebadce35b84a24ff59cf130758b177d7 | Triage

Sharing

General

Target

6f64b712a7ec03dd77478edd14210944_JaffaCakes118
Size

332KB
Sample

240725-nm4ljszajd
MD5

6f64b712a7ec03dd77478edd14210944
SHA1

77c17d5d2d749df5a7bec21050be477e5abceb93
SHA256

22145388c091b029c500e9f91c6bcf8aebadce35b84a24ff59cf130758b177d7
SHA512

844326f77a326415e41e2007a9f821797f7bc39cfbc8f6f105b0bbf06263a134a1098e63e5bb19a2249b92ce2a6c6e94929df618521523680e57d51e257c122a
SSDEEP

6144:NFKtiBI9oME9z9NPTRQjpzPW4wlMUuWleCl0bG:cEpLPtiNpUurtG

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  6f64b712a7ec03dd77478edd14210944_JaffaCakes118
- Size
  
  332KB
- MD5
  
  6f64b712a7ec03dd77478edd14210944
- SHA1
  
  77c17d5d2d749df5a7bec21050be477e5abceb93
- SHA256
  
  22145388c091b029c500e9f91c6bcf8aebadce35b84a24ff59cf130758b177d7
- SHA512
  
  844326f77a326415e41e2007a9f821797f7bc39cfbc8f6f105b0bbf06263a134a1098e63e5bb19a2249b92ce2a6c6e94929df618521523680e57d51e257c122a
- SSDEEP
  
  6144:NFKtiBI9oME9z9NPTRQjpzPW4wlMUuWleCl0bG:cEpLPtiNpUurtG
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2