a640f23d223122c5715b722000d623a9b9c16aa6e826a5bfcd223962270da127 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84a8439718181e12b7b3295edd38a6fb_JaffaCakes118
Size

45KB
Sample

240810-d47pestgjq
MD5

84a8439718181e12b7b3295edd38a6fb
SHA1

9f546ddaa43df0590a3f02bf482c7fa7465d0177
SHA256

a640f23d223122c5715b722000d623a9b9c16aa6e826a5bfcd223962270da127
SHA512

da50e39566dae21b5c981fb34ddaec1b7440ab9b385b242f6e0340a7a4724ca5b3c6b8cfac1ee0b4be97a847e0db28f8e42d60540f72bfaf7a3d6df5531dbf02
SSDEEP

768:yQekwDGyHK6MUhOIJRLBMkpaU0TFfUwQPIErkR/j+LnxPPS:y15D1q6MU8IJE8yTF8yErcKNPS

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  84a8439718181e12b7b3295edd38a6fb_JaffaCakes118
- Size
  
  45KB
- MD5
  
  84a8439718181e12b7b3295edd38a6fb
- SHA1
  
  9f546ddaa43df0590a3f02bf482c7fa7465d0177
- SHA256
  
  a640f23d223122c5715b722000d623a9b9c16aa6e826a5bfcd223962270da127
- SHA512
  
  da50e39566dae21b5c981fb34ddaec1b7440ab9b385b242f6e0340a7a4724ca5b3c6b8cfac1ee0b4be97a847e0db28f8e42d60540f72bfaf7a3d6df5531dbf02
- SSDEEP
  
  768:yQekwDGyHK6MUhOIJRLBMkpaU0TFfUwQPIErkR/j+LnxPPS:y15D1q6MU8IJE8yTF8yErcKNPS
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence