e43c26f92952a7ffd2b0579714cd79384feaa9701aeef3bd9b04bc7bc1dc7f77 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

839b109a049701939875ba44b8fdeca6_JaffaCakes118
Size

45KB
Sample

240809-1avt4atepc
MD5

839b109a049701939875ba44b8fdeca6
SHA1

9098bed3de44397099201a9380b49d4379116fdf
SHA256

e43c26f92952a7ffd2b0579714cd79384feaa9701aeef3bd9b04bc7bc1dc7f77
SHA512

e1a2bcb4498be3ddd3a7457c47c0aecf6aa183c1111d25095f7c5968d5c30dcb29461e69373c7eaac3f73461213bfd6fde214c8979d5c7115e4fddb7426f5133
SSDEEP

768:uGl/rUnTL65yGim4pYSZhER8QkOwAsZyU4FLk/0KtT2a8jmr83jkcM2qYrnLcjbz:uGBUnTL6QGim4prEqQkOwAKL4FLk/LTl

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  839b109a049701939875ba44b8fdeca6_JaffaCakes118
- Size
  
  45KB
- MD5
  
  839b109a049701939875ba44b8fdeca6
- SHA1
  
  9098bed3de44397099201a9380b49d4379116fdf
- SHA256
  
  e43c26f92952a7ffd2b0579714cd79384feaa9701aeef3bd9b04bc7bc1dc7f77
- SHA512
  
  e1a2bcb4498be3ddd3a7457c47c0aecf6aa183c1111d25095f7c5968d5c30dcb29461e69373c7eaac3f73461213bfd6fde214c8979d5c7115e4fddb7426f5133
- SSDEEP
  
  768:uGl/rUnTL65yGim4pYSZhER8QkOwAsZyU4FLk/0KtT2a8jmr83jkcM2qYrnLcjbz:uGBUnTL6QGim4prEqQkOwAKL4FLk/LTl
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence