2f5a95709ad1e9fa1323cb80145eaf8e85076cf7ff4d08ce9251db33798aaf97 | Triage

Sharing

General

Target

970b5246d1ec1667033e4a8953365cfa_JaffaCakes118
Size

88KB
Sample

240814-was82svdqc
MD5

970b5246d1ec1667033e4a8953365cfa
SHA1

21b69c9aac00a4cd41b72aee3f2567468701925d
SHA256

2f5a95709ad1e9fa1323cb80145eaf8e85076cf7ff4d08ce9251db33798aaf97
SHA512

c39b5a0722cee57c4a8457aa129d6e7b26f7e1013e0cceca8d57ff5a98c1b9e372b71d0332edd6f4d191601143489fd3b8d62f1e195dc2091d1483483a107231
SSDEEP

1536:dFFsp8lxHT2B5PDeeOQwPDkTQnpNOoFyajGj5j:OpGHT23mjyoFFaj5j

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  970b5246d1ec1667033e4a8953365cfa_JaffaCakes118
- Size
  
  88KB
- MD5
  
  970b5246d1ec1667033e4a8953365cfa
- SHA1
  
  21b69c9aac00a4cd41b72aee3f2567468701925d
- SHA256
  
  2f5a95709ad1e9fa1323cb80145eaf8e85076cf7ff4d08ce9251db33798aaf97
- SHA512
  
  c39b5a0722cee57c4a8457aa129d6e7b26f7e1013e0cceca8d57ff5a98c1b9e372b71d0332edd6f4d191601143489fd3b8d62f1e195dc2091d1483483a107231
- SSDEEP
  
  1536:dFFsp8lxHT2B5PDeeOQwPDkTQnpNOoFyajGj5j:OpGHT23mjyoFFaj5j
Score

8^/10

discovery persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence