8dbc40451c03bee56e87a2728b21d166deeb8d41c782b43e5ee01cfaef577767 | Triage

Sharing

General

Target

a78c5e21eecdac76bd039ef6bdb61d95_JaffaCakes118
Size

214KB
Sample

240818-vya7psvdnc
MD5

a78c5e21eecdac76bd039ef6bdb61d95
SHA1

ec6564d5354f8fe22819994c2dfacae1aa675959
SHA256

8dbc40451c03bee56e87a2728b21d166deeb8d41c782b43e5ee01cfaef577767
SHA512

de807f8948936af71f2ae575f957a02a5e7fe993a660498f270170ddf1cd24f9ab64906840ec3936faedc684987c85a01ec5ddb9d1942d2d1e15575563e7bcfe
SSDEEP

6144:GIiLLVEoudLyTmp1R0v8I8/aF7dABUG9Ms5HRr508wygp:8Pvmp1Bo7+KmZ5dTw

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  a78c5e21eecdac76bd039ef6bdb61d95_JaffaCakes118
- Size
  
  214KB
- MD5
  
  a78c5e21eecdac76bd039ef6bdb61d95
- SHA1
  
  ec6564d5354f8fe22819994c2dfacae1aa675959
- SHA256
  
  8dbc40451c03bee56e87a2728b21d166deeb8d41c782b43e5ee01cfaef577767
- SHA512
  
  de807f8948936af71f2ae575f957a02a5e7fe993a660498f270170ddf1cd24f9ab64906840ec3936faedc684987c85a01ec5ddb9d1942d2d1e15575563e7bcfe
- SSDEEP
  
  6144:GIiLLVEoudLyTmp1R0v8I8/aF7dABUG9Ms5HRr508wygp:8Pvmp1Bo7+KmZ5dTw
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2