7a2c7feceacd160a3763dd906abd503b124675514d800cfc0d79f7fe332fbbe1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

851af289727f20817be8263fdd95f719_JaffaCakes118
Size

23KB
Sample

240810-g7499atbmh
MD5

851af289727f20817be8263fdd95f719
SHA1

efce993d9019fb2fa21cb69f8a206330c709d256
SHA256

7a2c7feceacd160a3763dd906abd503b124675514d800cfc0d79f7fe332fbbe1
SHA512

f2f7c7ef4e05914a4dc79a5f930e14b661ee3857ebc7506e402bf8cda7629e303929f2a8a7fda11149362c1aa2efe3804d3a511271f18877a5d337be3f82814b
SSDEEP

384:kCJ+tXZZTjnGnYBgLbDEb/f0/qz0wLs/ThCdx/QWPG6Dp7wuhXff79BwpOkD:fJ+tnngLUbE/bwShCd9rG6tlf73wLD

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  851af289727f20817be8263fdd95f719_JaffaCakes118
- Size
  
  23KB
- MD5
  
  851af289727f20817be8263fdd95f719
- SHA1
  
  efce993d9019fb2fa21cb69f8a206330c709d256
- SHA256
  
  7a2c7feceacd160a3763dd906abd503b124675514d800cfc0d79f7fe332fbbe1
- SHA512
  
  f2f7c7ef4e05914a4dc79a5f930e14b661ee3857ebc7506e402bf8cda7629e303929f2a8a7fda11149362c1aa2efe3804d3a511271f18877a5d337be3f82814b
- SSDEEP
  
  384:kCJ+tXZZTjnGnYBgLbDEb/f0/qz0wLs/ThCdx/QWPG6Dp7wuhXff79BwpOkD:fJ+tnngLUbE/bwShCd9rG6tlf73wLD
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence