5754a4fc520d4081ac4aefa2fcc4e905521bcf520a2339e56dacd0c0cf640aa9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b19118225bdc95563ce2247630797d85_JaffaCakes118
Size

120KB
Sample

240821-bdql4swdmk
MD5

b19118225bdc95563ce2247630797d85
SHA1

df8291327333a737993dce977043963764370e1f
SHA256

5754a4fc520d4081ac4aefa2fcc4e905521bcf520a2339e56dacd0c0cf640aa9
SHA512

e2243cf4084efc4678a83f61d83022300ba9afe67c12f3ad5107cee8c095694ffffe3707a8852ad2bac80d0af794f2b4a02c46c344650917d52d64c9f29cbbd5
SSDEEP

1536:TvYqZJQkv80n3qFQurSHvCmqR0lgB2lpMtVco81tBA30bAKbYIEOyM:T5JDk0G3rSPCkgwDMtCo8HPbfwOy

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  b19118225bdc95563ce2247630797d85_JaffaCakes118
- Size
  
  120KB
- MD5
  
  b19118225bdc95563ce2247630797d85
- SHA1
  
  df8291327333a737993dce977043963764370e1f
- SHA256
  
  5754a4fc520d4081ac4aefa2fcc4e905521bcf520a2339e56dacd0c0cf640aa9
- SHA512
  
  e2243cf4084efc4678a83f61d83022300ba9afe67c12f3ad5107cee8c095694ffffe3707a8852ad2bac80d0af794f2b4a02c46c344650917d52d64c9f29cbbd5
- SSDEEP
  
  1536:TvYqZJQkv80n3qFQurSHvCmqR0lgB2lpMtVco81tBA30bAKbYIEOyM:T5JDk0G3rSPCkgwDMtCo8HPbfwOy
Score

7^/10

persistence discovery
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence