7fee9078717373ca2a817c2c59d78b3e82ac51d3ed33350776477809d3fb9f92 | Triage

Sharing

General

Target

6fbdc640d62498ff5929a510e0b064f8_JaffaCakes118
Size

84KB
Sample

240725-qlz8vateme
MD5

6fbdc640d62498ff5929a510e0b064f8
SHA1

5876fb590dcc0ced9758fa1e45c8f2fd709e45b2
SHA256

7fee9078717373ca2a817c2c59d78b3e82ac51d3ed33350776477809d3fb9f92
SHA512

d69fab23a2edffd9216d3c986e51e0931a83ea0257bc62d53f01cbe2f51cd920d55f799f99f9a7bb007b4344ace534b680c5a19caea72ffe3863330bb7c2848e
SSDEEP

1536:ZlSB1u2IO2nToIfhxqKLUq5IiemmOOPBtK3CJjSd7ku8lVf8jcB:aB8UiTBf7hUGummWjdQuYiIB

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  6fbdc640d62498ff5929a510e0b064f8_JaffaCakes118
- Size
  
  84KB
- MD5
  
  6fbdc640d62498ff5929a510e0b064f8
- SHA1
  
  5876fb590dcc0ced9758fa1e45c8f2fd709e45b2
- SHA256
  
  7fee9078717373ca2a817c2c59d78b3e82ac51d3ed33350776477809d3fb9f92
- SHA512
  
  d69fab23a2edffd9216d3c986e51e0931a83ea0257bc62d53f01cbe2f51cd920d55f799f99f9a7bb007b4344ace534b680c5a19caea72ffe3863330bb7c2848e
- SSDEEP
  
  1536:ZlSB1u2IO2nToIfhxqKLUq5IiemmOOPBtK3CJjSd7ku8lVf8jcB:aB8UiTBf7hUGummWjdQuYiIB
Score

8^/10

discovery persistence
- Blocklisted process makes network request
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence