b55f831e962d65b249d1fd25bad92ed5d80d729203347ff325b6415f3bbee0c1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

745198b464a862371ab3ff88331d5eb9_JaffaCakes118
Size

122KB
Sample

240726-q34ycsveng
MD5

745198b464a862371ab3ff88331d5eb9
SHA1

3586cebf4135ead74d85f5198d035371d0fbb372
SHA256

b55f831e962d65b249d1fd25bad92ed5d80d729203347ff325b6415f3bbee0c1
SHA512

ef99efa7eba3dbed420b4ad5d62c4e9e49b7dd9c2af6e9f2e7fc93014503f0bd2b1a2940154580c18a2668499dcdd3f01cbc9d3717d62d1811bf104618202ceb
SSDEEP

3072:AouxVtFBJg17lHi/lmVUQt64/3J6AzT79ngAySvs32:luxVt21wlmqQXJ64DySk32

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  745198b464a862371ab3ff88331d5eb9_JaffaCakes118
- Size
  
  122KB
- MD5
  
  745198b464a862371ab3ff88331d5eb9
- SHA1
  
  3586cebf4135ead74d85f5198d035371d0fbb372
- SHA256
  
  b55f831e962d65b249d1fd25bad92ed5d80d729203347ff325b6415f3bbee0c1
- SHA512
  
  ef99efa7eba3dbed420b4ad5d62c4e9e49b7dd9c2af6e9f2e7fc93014503f0bd2b1a2940154580c18a2668499dcdd3f01cbc9d3717d62d1811bf104618202ceb
- SSDEEP
  
  3072:AouxVtFBJg17lHi/lmVUQt64/3J6AzT79ngAySvs32:luxVt21wlmqQXJ64DySk32
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2