49b8b4cb323bf84e7d3ef0957a2f68cd0dd308bbe842145050b091aa069549fd | Triage

Sharing

General

Target

89d25a49e4eb680d4524d8eb6da7ebef_JaffaCakes118
Size

428KB
Sample

240811-laklsstcnq
MD5

89d25a49e4eb680d4524d8eb6da7ebef
SHA1

57235a86dc818f71127beb95916c692a3988db9a
SHA256

49b8b4cb323bf84e7d3ef0957a2f68cd0dd308bbe842145050b091aa069549fd
SHA512

9c2520b8cc01a68b02c13ee91e757e1ea9427f7e70632fae9492564f0285dfac8e90e8eec996a1133345f36de0701a77c02e671023ac618922cecff028e767fe
SSDEEP

6144:UwXyfAoqCMZQ6L5w/U/OgL3JXepei05tCZ47iIUbfdu4NkVsuaRaU6mHG:pbL5w/U/O4JSJoi47UbfP0aRz6mHG

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  89d25a49e4eb680d4524d8eb6da7ebef_JaffaCakes118
- Size
  
  428KB
- MD5
  
  89d25a49e4eb680d4524d8eb6da7ebef
- SHA1
  
  57235a86dc818f71127beb95916c692a3988db9a
- SHA256
  
  49b8b4cb323bf84e7d3ef0957a2f68cd0dd308bbe842145050b091aa069549fd
- SHA512
  
  9c2520b8cc01a68b02c13ee91e757e1ea9427f7e70632fae9492564f0285dfac8e90e8eec996a1133345f36de0701a77c02e671023ac618922cecff028e767fe
- SSDEEP
  
  6144:UwXyfAoqCMZQ6L5w/U/OgL3JXepei05tCZ47iIUbfdu4NkVsuaRaU6mHG:pbL5w/U/O4JSJoi47UbfP0aRz6mHG
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence