b16b4d62e493ea2bbfc46f458fc0bf0f5384a0590eac7bc450fa521f91fb39a4 | Triage

Sharing

General

Target

a5d32d6f8376f8efbdb9dd8633a055d2_JaffaCakes118
Size

197KB
Sample

240818-hvaqjsvbqr
MD5

a5d32d6f8376f8efbdb9dd8633a055d2
SHA1

553bb1b973e8adc2b118b30af2a726ecab10858d
SHA256

b16b4d62e493ea2bbfc46f458fc0bf0f5384a0590eac7bc450fa521f91fb39a4
SHA512

97d79a18d18b8bd93128aa63531757a836e664e22e4292578cf261898ab36aae95c4c665d110717b3f94932ec9051a6dae15cecff323e732bf641748a1e5c391
SSDEEP

3072:hGu9BlfzWIbXWm+w0J05RjuUtpjnpC5AIHQFwFBuzAWtG3BJ+ed2PoLT:h/0uoqtpzpEIGFwztGRJL0q

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  a5d32d6f8376f8efbdb9dd8633a055d2_JaffaCakes118
- Size
  
  197KB
- MD5
  
  a5d32d6f8376f8efbdb9dd8633a055d2
- SHA1
  
  553bb1b973e8adc2b118b30af2a726ecab10858d
- SHA256
  
  b16b4d62e493ea2bbfc46f458fc0bf0f5384a0590eac7bc450fa521f91fb39a4
- SHA512
  
  97d79a18d18b8bd93128aa63531757a836e664e22e4292578cf261898ab36aae95c4c665d110717b3f94932ec9051a6dae15cecff323e732bf641748a1e5c391
- SSDEEP
  
  3072:hGu9BlfzWIbXWm+w0J05RjuUtpjnpC5AIHQFwFBuzAWtG3BJ+ed2PoLT:h/0uoqtpzpEIGFwztGRJL0q
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence