9804af4cc1f6c7c3ab29d53e5281321328e8b92b067ac47ef1f6e3cca8e206c1 | Triage

Sharing

General

Target

a7030c351afe3f39bb833818d552cfb6_JaffaCakes118
Size

15KB
Sample

240818-rs9ljaxfnd
MD5

a7030c351afe3f39bb833818d552cfb6
SHA1

d54a37e3dfb07c17345a97ecf85d5659de1bea5e
SHA256

9804af4cc1f6c7c3ab29d53e5281321328e8b92b067ac47ef1f6e3cca8e206c1
SHA512

3175245d58f960701b006a8d4411313906d9ab39aa9109251ea048a117ced586d35b0ea7e16b5b240cd0117dff656d744ac259364ab827f98ebd7be751dc7874
SSDEEP

384:Xuf1IbgVUAhI5gDQx73Z3LguBHTPLD9HpUX2y1UeNNnB:IdOAhIKY3JLzn9ab6ebB

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  a7030c351afe3f39bb833818d552cfb6_JaffaCakes118
- Size
  
  15KB
- MD5
  
  a7030c351afe3f39bb833818d552cfb6
- SHA1
  
  d54a37e3dfb07c17345a97ecf85d5659de1bea5e
- SHA256
  
  9804af4cc1f6c7c3ab29d53e5281321328e8b92b067ac47ef1f6e3cca8e206c1
- SHA512
  
  3175245d58f960701b006a8d4411313906d9ab39aa9109251ea048a117ced586d35b0ea7e16b5b240cd0117dff656d744ac259364ab827f98ebd7be751dc7874
- SSDEEP
  
  384:Xuf1IbgVUAhI5gDQx73Z3LguBHTPLD9HpUX2y1UeNNnB:IdOAhIKY3JLzn9ab6ebB
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence