2f8b5d3f598e0caf1649242777201fea886122e4198fec2894ff09cd5fc25b54 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95b15e7cf2780436374764672bb17f32_JaffaCakes118
Size

326KB
Sample

240814-menppaxald
MD5

95b15e7cf2780436374764672bb17f32
SHA1

33943d2c831776ab5f3d6d7ee6a9c7437d898210
SHA256

2f8b5d3f598e0caf1649242777201fea886122e4198fec2894ff09cd5fc25b54
SHA512

5a80c4a3398690723cff9cae70c93c1d60344941367d70d93d935a483b32978fa627d65cbb433b5ef336427fd2c9cefa5c1d276878a0716797cb95727331e14f
SSDEEP

6144:mTP1vilSi/tYfqOCvELNuvQG79JUj7yxFFYppz0FDZHT8KKdiNwbgs6:mTP1vioKOfMsB3G7zeyzFYps5US

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  95b15e7cf2780436374764672bb17f32_JaffaCakes118
- Size
  
  326KB
- MD5
  
  95b15e7cf2780436374764672bb17f32
- SHA1
  
  33943d2c831776ab5f3d6d7ee6a9c7437d898210
- SHA256
  
  2f8b5d3f598e0caf1649242777201fea886122e4198fec2894ff09cd5fc25b54
- SHA512
  
  5a80c4a3398690723cff9cae70c93c1d60344941367d70d93d935a483b32978fa627d65cbb433b5ef336427fd2c9cefa5c1d276878a0716797cb95727331e14f
- SSDEEP
  
  6144:mTP1vilSi/tYfqOCvELNuvQG79JUj7yxFFYppz0FDZHT8KKdiNwbgs6:mTP1vioKOfMsB3G7zeyzFYps5US
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2