a423bd6271b5c8a6a07636fb23951518840e0d4d4f506925620b73d256390d95 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

972c89c5114fae66595e5d3e3817e746_JaffaCakes118
Size

68KB
Sample

240814-w269zs1hnm
MD5

972c89c5114fae66595e5d3e3817e746
SHA1

80a5c4b2d6059761966d62c72f4b519d2e2e3c38
SHA256

a423bd6271b5c8a6a07636fb23951518840e0d4d4f506925620b73d256390d95
SHA512

070f1ab5068675de0293587c7cc844d3d5391f79129283bcc0e2973493ee516bf83b8e8ccf6f38ed9f5320238472834a5585c011cd87d1e03fd0053879ae94e2
SSDEEP

1536:crMQMY3w/UR8JP8zCa/LFjD9eIg+G7cf0jABBweS7:cS9UR8JP8zC8LFHXtNBqd7

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  972c89c5114fae66595e5d3e3817e746_JaffaCakes118
- Size
  
  68KB
- MD5
  
  972c89c5114fae66595e5d3e3817e746
- SHA1
  
  80a5c4b2d6059761966d62c72f4b519d2e2e3c38
- SHA256
  
  a423bd6271b5c8a6a07636fb23951518840e0d4d4f506925620b73d256390d95
- SHA512
  
  070f1ab5068675de0293587c7cc844d3d5391f79129283bcc0e2973493ee516bf83b8e8ccf6f38ed9f5320238472834a5585c011cd87d1e03fd0053879ae94e2
- SSDEEP
  
  1536:crMQMY3w/UR8JP8zCa/LFjD9eIg+G7cf0jABBweS7:cS9UR8JP8zC8LFHXtNBqd7
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence