10924e443d4b0f0b50e9873a3290465011852d0f234a1eebc42f5cae0b72defd | Triage

Sharing

General

Target

a4d9eb93a9d4d1b0e22908e72245f256_JaffaCakes118
Size

301KB
Sample

240818-btv7ja1amp
MD5

a4d9eb93a9d4d1b0e22908e72245f256
SHA1

d96778e5fc5a1be680b87e87c30782e3b9e38ed2
SHA256

10924e443d4b0f0b50e9873a3290465011852d0f234a1eebc42f5cae0b72defd
SHA512

8a5ff46e09e0f6a64b909c430da1d040c8e9200ec6a16fe482ccb484a496d46b2703de33fac4ca9e4dbdb47cb90246e0b9bc09962165b2088ed5861fc40c4c7d
SSDEEP

6144:wLz/PUh0ss9gfjleenla+wBS8ymIkdFqpKgmYgRFx7PbiJtM:w//PUh0sZbleeQ+wBSK/gmYgH9zk

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  a4d9eb93a9d4d1b0e22908e72245f256_JaffaCakes118
- Size
  
  301KB
- MD5
  
  a4d9eb93a9d4d1b0e22908e72245f256
- SHA1
  
  d96778e5fc5a1be680b87e87c30782e3b9e38ed2
- SHA256
  
  10924e443d4b0f0b50e9873a3290465011852d0f234a1eebc42f5cae0b72defd
- SHA512
  
  8a5ff46e09e0f6a64b909c430da1d040c8e9200ec6a16fe482ccb484a496d46b2703de33fac4ca9e4dbdb47cb90246e0b9bc09962165b2088ed5861fc40c4c7d
- SSDEEP
  
  6144:wLz/PUh0ss9gfjleenla+wBS8ymIkdFqpKgmYgRFx7PbiJtM:w//PUh0sZbleeQ+wBSK/gmYgH9zk
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2