a5a4ab3af416a80963fc402bb8368a86cf1d2db62c6b66f3b3c221659ba2ef06 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae222d0b17a503ff1ed9024d7ad85ea0_JaffaCakes118
Size

689KB
Sample

240820-gvjg1s1apq
MD5

ae222d0b17a503ff1ed9024d7ad85ea0
SHA1

5d12b4b072045572e677c3d7abc45811eae0b00d
SHA256

a5a4ab3af416a80963fc402bb8368a86cf1d2db62c6b66f3b3c221659ba2ef06
SHA512

0615630d44d9cf5ef2e135f971524f6d2ff5ab594f09d4315cbddd7564d0a3147882ba1c56945b317898d128832ded041f83b3a6e444b237bba1e364ecaf549a
SSDEEP

12288:Qn92jaZAxmC3/II/TJtsagInF4O8JNtF3Z4mxx+DqVTVOCxV:iAmChdtsa2fzQmXNVTzxV

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  ae222d0b17a503ff1ed9024d7ad85ea0_JaffaCakes118
- Size
  
  689KB
- MD5
  
  ae222d0b17a503ff1ed9024d7ad85ea0
- SHA1
  
  5d12b4b072045572e677c3d7abc45811eae0b00d
- SHA256
  
  a5a4ab3af416a80963fc402bb8368a86cf1d2db62c6b66f3b3c221659ba2ef06
- SHA512
  
  0615630d44d9cf5ef2e135f971524f6d2ff5ab594f09d4315cbddd7564d0a3147882ba1c56945b317898d128832ded041f83b3a6e444b237bba1e364ecaf549a
- SSDEEP
  
  12288:Qn92jaZAxmC3/II/TJtsagInF4O8JNtF3Z4mxx+DqVTVOCxV:iAmChdtsa2fzQmXNVTzxV
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence