ba81ef58989ae826624d0f77c7dcb758387bc2fb9c1710dfcfe3a867f125692b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86dbf5abca974b6dd9d5f7b4e03797e8_JaffaCakes118
Size

144KB
Sample

240810-t9h61sscnh
MD5

86dbf5abca974b6dd9d5f7b4e03797e8
SHA1

9cc7c3d681c70895820c20a3157045173b163d0e
SHA256

ba81ef58989ae826624d0f77c7dcb758387bc2fb9c1710dfcfe3a867f125692b
SHA512

38084304de2e8b129eaa9d233dcf43326821cda65e13dd492710afcd082a1b8d1ed7368baed078cef848cf2e67c5cf07e27633fea64f96da8777a9f75dd1a472
SSDEEP

3072:BHqM057ZSBYfkVoFdRrqo0aRaA/HF673+UWHIfr:BHqMcNkVsuaRaU6mHG

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  86dbf5abca974b6dd9d5f7b4e03797e8_JaffaCakes118
- Size
  
  144KB
- MD5
  
  86dbf5abca974b6dd9d5f7b4e03797e8
- SHA1
  
  9cc7c3d681c70895820c20a3157045173b163d0e
- SHA256
  
  ba81ef58989ae826624d0f77c7dcb758387bc2fb9c1710dfcfe3a867f125692b
- SHA512
  
  38084304de2e8b129eaa9d233dcf43326821cda65e13dd492710afcd082a1b8d1ed7368baed078cef848cf2e67c5cf07e27633fea64f96da8777a9f75dd1a472
- SSDEEP
  
  3072:BHqM057ZSBYfkVoFdRrqo0aRaA/HF673+UWHIfr:BHqMcNkVsuaRaU6mHG
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence