103281870699195ce5853fb2f869da6d98051c680c8be71efffe387c78e2be47 | Triage

Sharing

General

Target

852c6dcc15cd3c8754ace81fd5045b0e_JaffaCakes118
Size

292KB
Sample

240810-hnyh2azcrj
MD5

852c6dcc15cd3c8754ace81fd5045b0e
SHA1

bddff307ec242f31b431398150163517aeb4c8eb
SHA256

103281870699195ce5853fb2f869da6d98051c680c8be71efffe387c78e2be47
SHA512

487c2094a71fc4f21810715b5940f96847870f183b5de4c9b532e03f22c743947452c48eb2859e5330e78baf153474ffadb9d1e0be034c66567b581244d6576e
SSDEEP

6144:cWoJRa9/UdlmXinjBM+69yiq1ZN9pxKK/hHmDVR:JKRCyGPO3xZhHYX

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  852c6dcc15cd3c8754ace81fd5045b0e_JaffaCakes118
- Size
  
  292KB
- MD5
  
  852c6dcc15cd3c8754ace81fd5045b0e
- SHA1
  
  bddff307ec242f31b431398150163517aeb4c8eb
- SHA256
  
  103281870699195ce5853fb2f869da6d98051c680c8be71efffe387c78e2be47
- SHA512
  
  487c2094a71fc4f21810715b5940f96847870f183b5de4c9b532e03f22c743947452c48eb2859e5330e78baf153474ffadb9d1e0be034c66567b581244d6576e
- SSDEEP
  
  6144:cWoJRa9/UdlmXinjBM+69yiq1ZN9pxKK/hHmDVR:JKRCyGPO3xZhHYX
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2