dcf51fc0fb014fdbecd6f10f76297796167a79cff663a65302d8ca0b252d69ce | Triage

Sharing

General

Target

873c4bd6b287e83b3ccf5a03638945bc_JaffaCakes118
Size

14KB
Sample

240810-xezgaswhmc
MD5

873c4bd6b287e83b3ccf5a03638945bc
SHA1

6ff057ccc778e9ddaca3e12630371478dc0fce47
SHA256

dcf51fc0fb014fdbecd6f10f76297796167a79cff663a65302d8ca0b252d69ce
SHA512

2a9fef81bba6ac2dfcc92c3bfacd57a5286698f496ba805c625379cef41662ed2caba9a19258f3f5f13e42c423cb84d278ce4e3cdf017875fa55bc6dd4cdee7a
SSDEEP

384:7wAV8wyvdRoGLawZWfR/Xpyx++YK1Dw28wZExb:JEdFLrmxXpo++YKJB8wQb

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  873c4bd6b287e83b3ccf5a03638945bc_JaffaCakes118
- Size
  
  14KB
- MD5
  
  873c4bd6b287e83b3ccf5a03638945bc
- SHA1
  
  6ff057ccc778e9ddaca3e12630371478dc0fce47
- SHA256
  
  dcf51fc0fb014fdbecd6f10f76297796167a79cff663a65302d8ca0b252d69ce
- SHA512
  
  2a9fef81bba6ac2dfcc92c3bfacd57a5286698f496ba805c625379cef41662ed2caba9a19258f3f5f13e42c423cb84d278ce4e3cdf017875fa55bc6dd4cdee7a
- SSDEEP
  
  384:7wAV8wyvdRoGLawZWfR/Xpyx++YK1Dw28wZExb:JEdFLrmxXpo++YKJB8wQb
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence