84133c81f4716b2708de020c1b550eb664a3798d93e0c9369e60d3e7b37530bb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab5e6dc17cb2e76ccb1f52c528eaca17_JaffaCakes118
Size

42KB
Sample

240819-rpf5tasdrq
MD5

ab5e6dc17cb2e76ccb1f52c528eaca17
SHA1

5425740b54063a3c8583b76047e3bd95d1618789
SHA256

84133c81f4716b2708de020c1b550eb664a3798d93e0c9369e60d3e7b37530bb
SHA512

171f0838c8984fdeb4f63532face3d16e6dfb98ae678b646d824d91d659d1815ee6ca356a15036f584e4964c25a67350ae26e7ecc20a7cfdc401f6894cdb4edf
SSDEEP

768:IdLKLkI+kiAK4PnqK2/S7XpCW8kWpc6xUR4z9yhqGhy2bI:IdLnI+bAKWXwOX/H6a+RyIyI

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  ab5e6dc17cb2e76ccb1f52c528eaca17_JaffaCakes118
- Size
  
  42KB
- MD5
  
  ab5e6dc17cb2e76ccb1f52c528eaca17
- SHA1
  
  5425740b54063a3c8583b76047e3bd95d1618789
- SHA256
  
  84133c81f4716b2708de020c1b550eb664a3798d93e0c9369e60d3e7b37530bb
- SHA512
  
  171f0838c8984fdeb4f63532face3d16e6dfb98ae678b646d824d91d659d1815ee6ca356a15036f584e4964c25a67350ae26e7ecc20a7cfdc401f6894cdb4edf
- SSDEEP
  
  768:IdLKLkI+kiAK4PnqK2/S7XpCW8kWpc6xUR4z9yhqGhy2bI:IdLnI+bAKWXwOX/H6a+RyIyI
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence