5a63e3e9b77a15373809956adf9173643eb3183b47fafd9233df28b6e3f0505d | Triage

Sharing

General

Target

89ec96e9a77d8ef3ae1885e6206448ea_JaffaCakes118
Size

2.0MB
Sample

240811-lws53avblk
MD5

89ec96e9a77d8ef3ae1885e6206448ea
SHA1

e2fd242f5578c48fd6a093ffbf425bacf535c8ae
SHA256

5a63e3e9b77a15373809956adf9173643eb3183b47fafd9233df28b6e3f0505d
SHA512

676b25dae7ded8db115644b9b7a0eb12c5a37b2fd525765d74fd7714e5ea6e104b374bbe5eb55148f08ecf3955ff89c041914f0180f28b5626dbf615cf8911da
SSDEEP

49152:HAb8dSH+hNGUwqvjdVyFM545r/mgnogj7za2m89Iiw7yANDAdaCXmFh5+PV5+PHq:gbGwdqvjdVyFM545r/mgn/j7za2m89I+

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  89ec96e9a77d8ef3ae1885e6206448ea_JaffaCakes118
- Size
  
  2.0MB
- MD5
  
  89ec96e9a77d8ef3ae1885e6206448ea
- SHA1
  
  e2fd242f5578c48fd6a093ffbf425bacf535c8ae
- SHA256
  
  5a63e3e9b77a15373809956adf9173643eb3183b47fafd9233df28b6e3f0505d
- SHA512
  
  676b25dae7ded8db115644b9b7a0eb12c5a37b2fd525765d74fd7714e5ea6e104b374bbe5eb55148f08ecf3955ff89c041914f0180f28b5626dbf615cf8911da
- SSDEEP
  
  49152:HAb8dSH+hNGUwqvjdVyFM545r/mgnogj7za2m89Iiw7yANDAdaCXmFh5+PV5+PHq:gbGwdqvjdVyFM545r/mgn/j7za2m89I+
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence