3849cec36d1c310753325ecb0ea0298b7c39f1a0d753ba97509f4f6c3f12dfc1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

822802ed5f98a65076ea31d8e8d8929f_JaffaCakes118
Size

824KB
Sample

240801-3gqvtssdlk
MD5

822802ed5f98a65076ea31d8e8d8929f
SHA1

763268cc6fa56c1ec0e0469f214c0a31a6126f0f
SHA256

3849cec36d1c310753325ecb0ea0298b7c39f1a0d753ba97509f4f6c3f12dfc1
SHA512

891efa9616f1d7338be692836d5768c3af023bab26f87f0cf365319f551a1ae9f6313b45e095260cebf6df53d878b6e186068116ea5d5c334309c527fe3c2a7a
SSDEEP

24576:0/CNqvQF4idp26OfnRYCADU9AzUSiAbp21Wxpt:QCNqEdvHOfnb/LS44vt

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  822802ed5f98a65076ea31d8e8d8929f_JaffaCakes118
- Size
  
  824KB
- MD5
  
  822802ed5f98a65076ea31d8e8d8929f
- SHA1
  
  763268cc6fa56c1ec0e0469f214c0a31a6126f0f
- SHA256
  
  3849cec36d1c310753325ecb0ea0298b7c39f1a0d753ba97509f4f6c3f12dfc1
- SHA512
  
  891efa9616f1d7338be692836d5768c3af023bab26f87f0cf365319f551a1ae9f6313b45e095260cebf6df53d878b6e186068116ea5d5c334309c527fe3c2a7a
- SSDEEP
  
  24576:0/CNqvQF4idp26OfnRYCADU9AzUSiAbp21Wxpt:QCNqEdvHOfnb/LS44vt
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2