a3457113f6098ee793514866c6a3ecab7ef10a81e1d965178add997aa16b2573 | Triage

Sharing

General

Target

ad1c750c41c84e6caec526393f26aef1_JaffaCakes118
Size

12KB
Sample

240819-31hcsssgrh
MD5

ad1c750c41c84e6caec526393f26aef1
SHA1

ea4b0fe24408947e02ea24aabf16f2591f7f80f3
SHA256

a3457113f6098ee793514866c6a3ecab7ef10a81e1d965178add997aa16b2573
SHA512

72b3e51d5bcccd09515265c0489ea3c9ec8619d6f18479658cea73f05fbed6d8e128f98cf338580244018a6665740aa2e235093bbe24c121c73e76f3e0729bc5
SSDEEP

384:xc+jY2ZNii+YANVkZpFbml++7U2KOY0Yf:e+jZ4NVkrFb4+4U2QBf

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ad1c750c41c84e6caec526393f26aef1_JaffaCakes118
- Size
  
  12KB
- MD5
  
  ad1c750c41c84e6caec526393f26aef1
- SHA1
  
  ea4b0fe24408947e02ea24aabf16f2591f7f80f3
- SHA256
  
  a3457113f6098ee793514866c6a3ecab7ef10a81e1d965178add997aa16b2573
- SHA512
  
  72b3e51d5bcccd09515265c0489ea3c9ec8619d6f18479658cea73f05fbed6d8e128f98cf338580244018a6665740aa2e235093bbe24c121c73e76f3e0729bc5
- SSDEEP
  
  384:xc+jY2ZNii+YANVkZpFbml++7U2KOY0Yf:e+jZ4NVkrFb4+4U2QBf
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence