0e31fd35e723e958f50356633c876dcb1c4bec9861a6a29a4bd50b167951b947 | Triage

Sharing

General

Target

abc878be754ecf98bfc0e4b6fc7207f1_JaffaCakes118
Size

308KB
Sample

240819-t8a41syemr
MD5

abc878be754ecf98bfc0e4b6fc7207f1
SHA1

085c88daff2338d256d1d922c32e8de8962246e6
SHA256

0e31fd35e723e958f50356633c876dcb1c4bec9861a6a29a4bd50b167951b947
SHA512

5746dc61d8f1d4a3511d6b7a7cb7ea507cf04805bb71b738545e519567e8659ff35420ce8eb350f9fdbf9ba3862e9f5cd75cd0729c7706c9ffb18a06d4628e90
SSDEEP

6144:tR9L0GjZuVEolNySb7tGhkDVTY1mvLPjAN8PAZ+W46NuCrG7Rts4GUDYVa+:tRJ9ZumWNyaY0W1mv7m8PAnfNQVNqa+

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  abc878be754ecf98bfc0e4b6fc7207f1_JaffaCakes118
- Size
  
  308KB
- MD5
  
  abc878be754ecf98bfc0e4b6fc7207f1
- SHA1
  
  085c88daff2338d256d1d922c32e8de8962246e6
- SHA256
  
  0e31fd35e723e958f50356633c876dcb1c4bec9861a6a29a4bd50b167951b947
- SHA512
  
  5746dc61d8f1d4a3511d6b7a7cb7ea507cf04805bb71b738545e519567e8659ff35420ce8eb350f9fdbf9ba3862e9f5cd75cd0729c7706c9ffb18a06d4628e90
- SSDEEP
  
  6144:tR9L0GjZuVEolNySb7tGhkDVTY1mvLPjAN8PAZ+W46NuCrG7Rts4GUDYVa+:tRJ9ZumWNyaY0W1mv7m8PAnfNQVNqa+
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2