bb12b8c9251ab9fcff6d1b37d65452f54e2a4777804b714cb1d21d42c80ed171 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b2ec8835e09e15099e7cace021e0e310_JaffaCakes118
Size

54KB
Sample

240821-lc8rea1ama
MD5

b2ec8835e09e15099e7cace021e0e310
SHA1

2b2c35e946d98c9f54359373664d5732823b86b4
SHA256

bb12b8c9251ab9fcff6d1b37d65452f54e2a4777804b714cb1d21d42c80ed171
SHA512

fd68d737083f737204dfb578ddcb4888778d7b9427e2bd799b29cc25531c18f7e130f6d9a29095a4f61c6009729eca4ed6743fb415578a28f1d9f94959c40bb0
SSDEEP

1536:KSk3dRIhIU75kWHUcl/QvCkvuKHGs4sS:KW2WzlVkvuKosS

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  b2ec8835e09e15099e7cace021e0e310_JaffaCakes118
- Size
  
  54KB
- MD5
  
  b2ec8835e09e15099e7cace021e0e310
- SHA1
  
  2b2c35e946d98c9f54359373664d5732823b86b4
- SHA256
  
  bb12b8c9251ab9fcff6d1b37d65452f54e2a4777804b714cb1d21d42c80ed171
- SHA512
  
  fd68d737083f737204dfb578ddcb4888778d7b9427e2bd799b29cc25531c18f7e130f6d9a29095a4f61c6009729eca4ed6743fb415578a28f1d9f94959c40bb0
- SSDEEP
  
  1536:KSk3dRIhIU75kWHUcl/QvCkvuKHGs4sS:KW2WzlVkvuKosS
Score

8^/10

discovery persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence