42b2d72a0ac2a95a99b28ca6883af3545dbc044ac6370c61f6b47603f974e5d1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

78259f6a5b5c115e2ac05f8bac2a6497_JaffaCakes118
Size

112KB
Sample

240727-n5jdbsycqj
MD5

78259f6a5b5c115e2ac05f8bac2a6497
SHA1

1cbef5fa4da9e2317d1d678a33c3a8caf6bd2cfa
SHA256

42b2d72a0ac2a95a99b28ca6883af3545dbc044ac6370c61f6b47603f974e5d1
SHA512

e8ed769e9ffb4ac4b3776a8ea16ece988d7911f56c1d12fd33bfd2f5c20b3d0e156345c73f39f43c88bc49d267352c2bedc7aa6fd696fb97ef544faefe9d17af
SSDEEP

3072:Hhiy/GlXdNDD7zvCcxOrkS9WEsPrKBh7:HAMGh3DD7zvCXb9gjyh

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  78259f6a5b5c115e2ac05f8bac2a6497_JaffaCakes118
- Size
  
  112KB
- MD5
  
  78259f6a5b5c115e2ac05f8bac2a6497
- SHA1
  
  1cbef5fa4da9e2317d1d678a33c3a8caf6bd2cfa
- SHA256
  
  42b2d72a0ac2a95a99b28ca6883af3545dbc044ac6370c61f6b47603f974e5d1
- SHA512
  
  e8ed769e9ffb4ac4b3776a8ea16ece988d7911f56c1d12fd33bfd2f5c20b3d0e156345c73f39f43c88bc49d267352c2bedc7aa6fd696fb97ef544faefe9d17af
- SSDEEP
  
  3072:Hhiy/GlXdNDD7zvCcxOrkS9WEsPrKBh7:HAMGh3DD7zvCXb9gjyh
Score

7^/10

discovery persistence
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2