45abb7e32b64132df69273fa84136122f1aabd575877a91d02bd35068de65583 | Triage

Sharing

General

Target

94d5da40e4421d3a3b7c8f9218f5d5ee_JaffaCakes118
Size

196KB
Sample

240813-1gkbyasaqm
MD5

94d5da40e4421d3a3b7c8f9218f5d5ee
SHA1

a4878a8ed2fffcdf6dc49bd85a8997da8d1c17a3
SHA256

45abb7e32b64132df69273fa84136122f1aabd575877a91d02bd35068de65583
SHA512

535ae6f7789cb0b4686450d8f1476c73e80363a39478466a2d77cc02db27cb3ca23cc65b10bd18d48bce67b365ab909138ae036f7ec39f57ea69a7b3891afcf1
SSDEEP

3072:qg/x6Lscx0QmdJ3FDHknHUgTSFCW6zMDz2uhNNpv65nQ+2J9:qWML7xV05FonHhTSF5DFj/i5nP2J9

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  94d5da40e4421d3a3b7c8f9218f5d5ee_JaffaCakes118
- Size
  
  196KB
- MD5
  
  94d5da40e4421d3a3b7c8f9218f5d5ee
- SHA1
  
  a4878a8ed2fffcdf6dc49bd85a8997da8d1c17a3
- SHA256
  
  45abb7e32b64132df69273fa84136122f1aabd575877a91d02bd35068de65583
- SHA512
  
  535ae6f7789cb0b4686450d8f1476c73e80363a39478466a2d77cc02db27cb3ca23cc65b10bd18d48bce67b365ab909138ae036f7ec39f57ea69a7b3891afcf1
- SSDEEP
  
  3072:qg/x6Lscx0QmdJ3FDHknHUgTSFCW6zMDz2uhNNpv65nQ+2J9:qWML7xV05FonHhTSF5DFj/i5nP2J9
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence