fd8458b6899ddc239c3af8a389aa20fdabfc16e474f93e7ad0f696e24df65506 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b23bf12abfaae71d8f755776bacd4bc9_JaffaCakes118
Size

273KB
Sample

240821-f1gd6s1grd
MD5

b23bf12abfaae71d8f755776bacd4bc9
SHA1

afe065de96ff4996296e8db874cbaeb85ee20ef6
SHA256

fd8458b6899ddc239c3af8a389aa20fdabfc16e474f93e7ad0f696e24df65506
SHA512

be791844d707f2b9806992b0aa2dc1ef59a15adeec48444e49a9ea2bd697857099362e6d729f9e7172f24a61428f71cb191d8ca50d2ad12dc747f302d0a8af4b
SSDEEP

6144:9AcdVCfwCMtPf3/5y+DoRlJY5idOyIsHGPs46:1d4jMtH/5y+DwIizIgGPsb

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  b23bf12abfaae71d8f755776bacd4bc9_JaffaCakes118
- Size
  
  273KB
- MD5
  
  b23bf12abfaae71d8f755776bacd4bc9
- SHA1
  
  afe065de96ff4996296e8db874cbaeb85ee20ef6
- SHA256
  
  fd8458b6899ddc239c3af8a389aa20fdabfc16e474f93e7ad0f696e24df65506
- SHA512
  
  be791844d707f2b9806992b0aa2dc1ef59a15adeec48444e49a9ea2bd697857099362e6d729f9e7172f24a61428f71cb191d8ca50d2ad12dc747f302d0a8af4b
- SSDEEP
  
  6144:9AcdVCfwCMtPf3/5y+DoRlJY5idOyIsHGPs46:1d4jMtH/5y+DwIizIgGPsb
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2