2ba3582c162ede7d2b001f491dc05c107fd2946af79c9f0511213c2fb5a462d4 | Triage

Sharing

General

Target

7708a3cf1ccf3bd532ce328e21109ea9_JaffaCakes118
Size

117KB
Sample

240727-ezctxszfja
MD5

7708a3cf1ccf3bd532ce328e21109ea9
SHA1

85a5445a35a7ce0ea0cf216962b683b46cbf52ee
SHA256

2ba3582c162ede7d2b001f491dc05c107fd2946af79c9f0511213c2fb5a462d4
SHA512

a2e92d8e2e88afe832632054d19ae1e7f370411159a1a6dda84db0383bbea7656e773ac0a59d33741185a649f94cb16b375068c5cc971ed16588e34439b12adf
SSDEEP

3072:M/steHkz9qcI0B4wWtXAz3+sOySSFh9e/cJE:qOaRAzzpOySi96Q

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  7708a3cf1ccf3bd532ce328e21109ea9_JaffaCakes118
- Size
  
  117KB
- MD5
  
  7708a3cf1ccf3bd532ce328e21109ea9
- SHA1
  
  85a5445a35a7ce0ea0cf216962b683b46cbf52ee
- SHA256
  
  2ba3582c162ede7d2b001f491dc05c107fd2946af79c9f0511213c2fb5a462d4
- SHA512
  
  a2e92d8e2e88afe832632054d19ae1e7f370411159a1a6dda84db0383bbea7656e773ac0a59d33741185a649f94cb16b375068c5cc971ed16588e34439b12adf
- SSDEEP
  
  3072:M/steHkz9qcI0B4wWtXAz3+sOySSFh9e/cJE:qOaRAzzpOySi96Q
Score

7^/10

discovery persistence
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2