c41d46bbc72fa31ab97f29cc478b9b3da1df48fa9ba03224b38cc58565bac09e | Triage

Sharing

General

Target

ae00c840c38b2222c233d14d26794bfa_JaffaCakes118
Size

833KB
Sample

240820-f2hzdsyfnn
MD5

ae00c840c38b2222c233d14d26794bfa
SHA1

c1e59ff84beab640724933185bd45a8da6765dd5
SHA256

c41d46bbc72fa31ab97f29cc478b9b3da1df48fa9ba03224b38cc58565bac09e
SHA512

9234af995cd9a9b690e05071943d30b4c46504d7feebe685cca4236257976de71dba1906d4936a2630f171a7410d6b97fb5dad1b364f2b45c23105770caabaec
SSDEEP

24576:2t20YeEs68q2JirOa4M7MEXbgVLJQ22Rbb/TnJW:0YeEslq2Aaad7M4MJw7

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  ae00c840c38b2222c233d14d26794bfa_JaffaCakes118
- Size
  
  833KB
- MD5
  
  ae00c840c38b2222c233d14d26794bfa
- SHA1
  
  c1e59ff84beab640724933185bd45a8da6765dd5
- SHA256
  
  c41d46bbc72fa31ab97f29cc478b9b3da1df48fa9ba03224b38cc58565bac09e
- SHA512
  
  9234af995cd9a9b690e05071943d30b4c46504d7feebe685cca4236257976de71dba1906d4936a2630f171a7410d6b97fb5dad1b364f2b45c23105770caabaec
- SSDEEP
  
  24576:2t20YeEs68q2JirOa4M7MEXbgVLJQ22Rbb/TnJW:0YeEslq2Aaad7M4MJw7
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence