5ef4956ce621ab97852d25fc4718c3596e8f551a6aa3695d3b50d2fde58f2a50 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89063d7f3126ecfc5eb09da38e5a1564_JaffaCakes118
Size

169KB
Sample

240811-faj3davhpp
MD5

89063d7f3126ecfc5eb09da38e5a1564
SHA1

da059f9e6508a9936260930ef0d60c317d7cba51
SHA256

5ef4956ce621ab97852d25fc4718c3596e8f551a6aa3695d3b50d2fde58f2a50
SHA512

e67859f98bf9868d09580e886f1b97f63e7d0c149085c8675f450670623bf29aa6794b1b198ac6bf2306f9d43c34ef873278d4c78367c40a5296e684c8427bea
SSDEEP

3072:3r0GM3jeMfrmorxDstDk+J7ybevD5th6MzA0VXLi9h++UEt:7xMz/frmIAtDk+JmbedthFzAQmJUEt

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  89063d7f3126ecfc5eb09da38e5a1564_JaffaCakes118
- Size
  
  169KB
- MD5
  
  89063d7f3126ecfc5eb09da38e5a1564
- SHA1
  
  da059f9e6508a9936260930ef0d60c317d7cba51
- SHA256
  
  5ef4956ce621ab97852d25fc4718c3596e8f551a6aa3695d3b50d2fde58f2a50
- SHA512
  
  e67859f98bf9868d09580e886f1b97f63e7d0c149085c8675f450670623bf29aa6794b1b198ac6bf2306f9d43c34ef873278d4c78367c40a5296e684c8427bea
- SSDEEP
  
  3072:3r0GM3jeMfrmorxDstDk+J7ybevD5th6MzA0VXLi9h++UEt:7xMz/frmIAtDk+JmbedthFzAQmJUEt
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence