3d8f0e09e5941bf8d91f8e61ab6e8f97fa423c04c1694a0ddcc83957e9abf059 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

959a7b3903f0dba2b56aed3ac8575e94_JaffaCakes118
Size

52KB
Sample

240814-lx4m7a1alq
MD5

959a7b3903f0dba2b56aed3ac8575e94
SHA1

d5c3a08cfc2b0a74cbed663872a972aafe3c2f22
SHA256

3d8f0e09e5941bf8d91f8e61ab6e8f97fa423c04c1694a0ddcc83957e9abf059
SHA512

5d1b0863d5cf9f6bf833145c14671b7e2b74a42fb25159f44a87e046c50d8c46ce55ecbf87a3cea889e774c01535d86a6c0a034a3f2a11f478ecd8413d52adb6
SSDEEP

1536:Ghp5yQvXN835moaTt7m0OIFh+1Y9y1xwGw:Gh3LvXE5moaQ0r1k

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  959a7b3903f0dba2b56aed3ac8575e94_JaffaCakes118
- Size
  
  52KB
- MD5
  
  959a7b3903f0dba2b56aed3ac8575e94
- SHA1
  
  d5c3a08cfc2b0a74cbed663872a972aafe3c2f22
- SHA256
  
  3d8f0e09e5941bf8d91f8e61ab6e8f97fa423c04c1694a0ddcc83957e9abf059
- SHA512
  
  5d1b0863d5cf9f6bf833145c14671b7e2b74a42fb25159f44a87e046c50d8c46ce55ecbf87a3cea889e774c01535d86a6c0a034a3f2a11f478ecd8413d52adb6
- SSDEEP
  
  1536:Ghp5yQvXN835moaTt7m0OIFh+1Y9y1xwGw:Gh3LvXE5moaQ0r1k
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence