44c62c480fb642f1161af6f5cd91e920a7b1d40fc55f84fee0bf1e3b6fe7e319 | Triage

Sharing

General

Target

b3eac2ee5b29251d724762ae22798879_JaffaCakes118
Size

192KB
Sample

240821-sav6vsyamq
MD5

b3eac2ee5b29251d724762ae22798879
SHA1

44bd251ca95fd1bb478e471d30bc55648446395b
SHA256

44c62c480fb642f1161af6f5cd91e920a7b1d40fc55f84fee0bf1e3b6fe7e319
SHA512

5d0c6f79997c0492c335158a6744227a79e58df09ffcf72b25dec114518decd5285f49d5141d6d0afa2f291c9ad91dcc9b8f190760817435a697986b26d1917d
SSDEEP

3072:7EGCW7EPJZ3COgdUX4V9fje+5yVUnzhbhGumUX4V9fje+:7PCW7ErgVTje+FnNhGu4Tje+

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b3eac2ee5b29251d724762ae22798879_JaffaCakes118
- Size
  
  192KB
- MD5
  
  b3eac2ee5b29251d724762ae22798879
- SHA1
  
  44bd251ca95fd1bb478e471d30bc55648446395b
- SHA256
  
  44c62c480fb642f1161af6f5cd91e920a7b1d40fc55f84fee0bf1e3b6fe7e319
- SHA512
  
  5d0c6f79997c0492c335158a6744227a79e58df09ffcf72b25dec114518decd5285f49d5141d6d0afa2f291c9ad91dcc9b8f190760817435a697986b26d1917d
- SSDEEP
  
  3072:7EGCW7EPJZ3COgdUX4V9fje+5yVUnzhbhGumUX4V9fje+:7PCW7ErgVTje+FnNhGu4Tje+
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence