9fa50d12297d7579185e71979e238308b3dfe9cd698ab6ee7b5fad823aa7e7f1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a82b32821738b504f4165483d7eeb490_JaffaCakes118
Size

232KB
Sample

240818-zpldjawhrr
MD5

a82b32821738b504f4165483d7eeb490
SHA1

e4dd76f7b45a3a45c7130a4c2fbb54e77cc4ab40
SHA256

9fa50d12297d7579185e71979e238308b3dfe9cd698ab6ee7b5fad823aa7e7f1
SHA512

39dc875bd0405b313c29963d5bc459a2f404a930ef072bbe3fce4b07d1bfd93a7fd2c540d5ff67eb9be37da20c2bdfbf005a47aa572161dff732af2ec82c2a92
SSDEEP

6144:9hbZ5hMTNFf8LAurlEzAX7o5hn8wVSZ2sXx6:vtXMzqrllX7618wN

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  a82b32821738b504f4165483d7eeb490_JaffaCakes118
- Size
  
  232KB
- MD5
  
  a82b32821738b504f4165483d7eeb490
- SHA1
  
  e4dd76f7b45a3a45c7130a4c2fbb54e77cc4ab40
- SHA256
  
  9fa50d12297d7579185e71979e238308b3dfe9cd698ab6ee7b5fad823aa7e7f1
- SHA512
  
  39dc875bd0405b313c29963d5bc459a2f404a930ef072bbe3fce4b07d1bfd93a7fd2c540d5ff67eb9be37da20c2bdfbf005a47aa572161dff732af2ec82c2a92
- SSDEEP
  
  6144:9hbZ5hMTNFf8LAurlEzAX7o5hn8wVSZ2sXx6:vtXMzqrllX7618wN
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence