9d2909e42ae2901f0a03db9d835dc20fb7215eb269c435cb61f38efb5f19f3d8 | Triage

Sharing

General

Target

96cd6fc3b1bf03e84cb23e70ad32a805_JaffaCakes118
Size

341KB
Sample

240814-tznnrawgrq
MD5

96cd6fc3b1bf03e84cb23e70ad32a805
SHA1

1ba648d316e8db6051385dfb382f53cf0b7875c7
SHA256

9d2909e42ae2901f0a03db9d835dc20fb7215eb269c435cb61f38efb5f19f3d8
SHA512

c629ceff691a91ba4b90a483072450bf681100cb6cd9d5a9711fc7e942bd4ff97a0802460da1ecf5aa2615901cab18fc61a2237af41e9a6bd7649071597ebc51
SSDEEP

6144:Nm397Spg1M7PyaQB74fo4UDblEzNENyRDUVpbCmV77vNP82qU:NU9uWCP/kMWDblsNjDmJ7V02t

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  96cd6fc3b1bf03e84cb23e70ad32a805_JaffaCakes118
- Size
  
  341KB
- MD5
  
  96cd6fc3b1bf03e84cb23e70ad32a805
- SHA1
  
  1ba648d316e8db6051385dfb382f53cf0b7875c7
- SHA256
  
  9d2909e42ae2901f0a03db9d835dc20fb7215eb269c435cb61f38efb5f19f3d8
- SHA512
  
  c629ceff691a91ba4b90a483072450bf681100cb6cd9d5a9711fc7e942bd4ff97a0802460da1ecf5aa2615901cab18fc61a2237af41e9a6bd7649071597ebc51
- SSDEEP
  
  6144:Nm397Spg1M7PyaQB74fo4UDblEzNENyRDUVpbCmV77vNP82qU:NU9uWCP/kMWDblsNjDmJ7V02t
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2