26f4c53267f63110e40a4b45384fd2c985fd00020e09ba21ae4efcc8a12255d1 | Triage

Sharing

General

Target

b173b9bbebe2ad6ec5fefab57848b7ee_JaffaCakes118
Size

672KB
Sample

240821-aqvads1cpb
MD5

b173b9bbebe2ad6ec5fefab57848b7ee
SHA1

832f1eed11cf60d958021b7ca60961c4129ed1f0
SHA256

26f4c53267f63110e40a4b45384fd2c985fd00020e09ba21ae4efcc8a12255d1
SHA512

16f7e0e1b45b06fd1b6cd738ba509fcac5d731703729338fcbfa68261207033ee649c565df9071f2ff385596f6229a19a3abf05317fa6569457aedbe893b3359
SSDEEP

12288:rvDjzGr+jexYzLvCwH94P9KDqF3Z4mxxNDqVTVOCbqZ:rvDf0+jkwzgKWQmXMVTzbi

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  b173b9bbebe2ad6ec5fefab57848b7ee_JaffaCakes118
- Size
  
  672KB
- MD5
  
  b173b9bbebe2ad6ec5fefab57848b7ee
- SHA1
  
  832f1eed11cf60d958021b7ca60961c4129ed1f0
- SHA256
  
  26f4c53267f63110e40a4b45384fd2c985fd00020e09ba21ae4efcc8a12255d1
- SHA512
  
  16f7e0e1b45b06fd1b6cd738ba509fcac5d731703729338fcbfa68261207033ee649c565df9071f2ff385596f6229a19a3abf05317fa6569457aedbe893b3359
- SSDEEP
  
  12288:rvDjzGr+jexYzLvCwH94P9KDqF3Z4mxxNDqVTVOCbqZ:rvDf0+jkwzgKWQmXMVTzbi
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence