a4b9fa3e0bb4f7b734f802414d497ce2c03f563c12f1c5f02d2686d15fa5c24a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

969ae57360f6ad7faa8e47e0a671d144_JaffaCakes118
Size

385KB
Sample

240814-skfh6ayfpb
MD5

969ae57360f6ad7faa8e47e0a671d144
SHA1

be666b41a05ae6ac93f0e065b23e6323fad1d5bf
SHA256

a4b9fa3e0bb4f7b734f802414d497ce2c03f563c12f1c5f02d2686d15fa5c24a
SHA512

9b5e6380c7ababb5c6780d1ded07c5f42fb49f8bd6525a5c5c2a11b91883756a1cb10ffaff870624b3a636afa64af03122674a7291ec08b841d1c9887d7b2948
SSDEEP

6144:q8FT5o7idgK9MOVOk06TEqIkOjD2JAyWLOSgbkffDXRyOFnNk4HMK:7T5o7idgK6OVZkjmDWLLffDhbR

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  969ae57360f6ad7faa8e47e0a671d144_JaffaCakes118
- Size
  
  385KB
- MD5
  
  969ae57360f6ad7faa8e47e0a671d144
- SHA1
  
  be666b41a05ae6ac93f0e065b23e6323fad1d5bf
- SHA256
  
  a4b9fa3e0bb4f7b734f802414d497ce2c03f563c12f1c5f02d2686d15fa5c24a
- SHA512
  
  9b5e6380c7ababb5c6780d1ded07c5f42fb49f8bd6525a5c5c2a11b91883756a1cb10ffaff870624b3a636afa64af03122674a7291ec08b841d1c9887d7b2948
- SSDEEP
  
  6144:q8FT5o7idgK9MOVOk06TEqIkOjD2JAyWLOSgbkffDXRyOFnNk4HMK:7T5o7idgK6OVZkjmDWLLffDhbR
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence