9d4d412736916d3f33056ddb81b3a40acfb5d3ee93fc172a8adf9a77d73f56a0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8599ff13f49df8b9ea995045be513bf7_JaffaCakes118
Size

236KB
Sample

240810-lk1qrsyckf
MD5

8599ff13f49df8b9ea995045be513bf7
SHA1

10f86cbbb627da66a81d04cc561d8ed1377afd28
SHA256

9d4d412736916d3f33056ddb81b3a40acfb5d3ee93fc172a8adf9a77d73f56a0
SHA512

bf490ce4aa45fa23795639f88c30fbd03fb4c44f4d938fcc160cedb8bb33d8494914e1a4f4d879900c1c7c0e1ecd13f1e48772efd2141bad98f649087ab714d3
SSDEEP

1536:Iguo2K86vta10RJQYPIHL+D5IWhxRh/Ci4ucg3/+k5ltr+DRPG8Gz7wk+cQvMp:Go256vS0RJAL+lHPKi40+66iwkD0S

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8599ff13f49df8b9ea995045be513bf7_JaffaCakes118
- Size
  
  236KB
- MD5
  
  8599ff13f49df8b9ea995045be513bf7
- SHA1
  
  10f86cbbb627da66a81d04cc561d8ed1377afd28
- SHA256
  
  9d4d412736916d3f33056ddb81b3a40acfb5d3ee93fc172a8adf9a77d73f56a0
- SHA512
  
  bf490ce4aa45fa23795639f88c30fbd03fb4c44f4d938fcc160cedb8bb33d8494914e1a4f4d879900c1c7c0e1ecd13f1e48772efd2141bad98f649087ab714d3
- SSDEEP
  
  1536:Iguo2K86vta10RJQYPIHL+D5IWhxRh/Ci4ucg3/+k5ltr+DRPG8Gz7wk+cQvMp:Go256vS0RJAL+lHPKi40+66iwkD0S
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence