cb3f55f8ee0abf8d11f8527f69cd0f0934796f8cef94193121bfc66c92643742 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

765ccda3cc060c642facaf7552ce68ed_JaffaCakes118
Size

39KB
Sample

240727-aqqxzavbjr
MD5

765ccda3cc060c642facaf7552ce68ed
SHA1

7b5404c25029b5477fdcea98c207879d6aded8bd
SHA256

cb3f55f8ee0abf8d11f8527f69cd0f0934796f8cef94193121bfc66c92643742
SHA512

5bb92613f642e91a1ba9b804526735869cefded612662e4e502c665ac1f64b3167f8f0acbfd3ad8b43e89aa873729f01aaaef69906beef53a6942cd55cc61a6d
SSDEEP

768:VC93rDzjqyb0njy7D8TWkSkJXtdaH/qUY4HFYqfcy/LR+y8wQ:+yyYjgWvSkJXtdvD4Heqf39nlQ

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  765ccda3cc060c642facaf7552ce68ed_JaffaCakes118
- Size
  
  39KB
- MD5
  
  765ccda3cc060c642facaf7552ce68ed
- SHA1
  
  7b5404c25029b5477fdcea98c207879d6aded8bd
- SHA256
  
  cb3f55f8ee0abf8d11f8527f69cd0f0934796f8cef94193121bfc66c92643742
- SHA512
  
  5bb92613f642e91a1ba9b804526735869cefded612662e4e502c665ac1f64b3167f8f0acbfd3ad8b43e89aa873729f01aaaef69906beef53a6942cd55cc61a6d
- SSDEEP
  
  768:VC93rDzjqyb0njy7D8TWkSkJXtdaH/qUY4HFYqfcy/LR+y8wQ:+yyYjgWvSkJXtdvD4Heqf39nlQ
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2