681610beb6e643878a22841b578f504e6130e51571dffb442198b95869d2453d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8d72d19a3011533e9cec01843ce81966_JaffaCakes118
Size

322KB
Sample

240812-fvxtza1emc
MD5

8d72d19a3011533e9cec01843ce81966
SHA1

72cc753189767bdf3c99fadf37f37b7a93ce0abb
SHA256

681610beb6e643878a22841b578f504e6130e51571dffb442198b95869d2453d
SHA512

32093ff3209be0ae7f68ae7ee933a845ae7b731d6f77e8fe7560820876e10522d706aecfdd104287a4b7ebca938421f77117db9bb972ceb3e6a94920dbf478ae
SSDEEP

3072:OD2hT7lKbwfldRMtyyYyOTXsF5vxkjZKWhB0EilgZncHmXAugjZkwkg:ODe7lKbqlMg/yO7oufhBygImAugjZfX

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  8d72d19a3011533e9cec01843ce81966_JaffaCakes118
- Size
  
  322KB
- MD5
  
  8d72d19a3011533e9cec01843ce81966
- SHA1
  
  72cc753189767bdf3c99fadf37f37b7a93ce0abb
- SHA256
  
  681610beb6e643878a22841b578f504e6130e51571dffb442198b95869d2453d
- SHA512
  
  32093ff3209be0ae7f68ae7ee933a845ae7b731d6f77e8fe7560820876e10522d706aecfdd104287a4b7ebca938421f77117db9bb972ceb3e6a94920dbf478ae
- SSDEEP
  
  3072:OD2hT7lKbwfldRMtyyYyOTXsF5vxkjZKWhB0EilgZncHmXAugjZkwkg:ODe7lKbqlMg/yO7oufhBygImAugjZfX
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2