2de60f0a9603aa9e2e8512772444bb04f249c36b9d9bee825a2ad07d7ce729de | Triage

Sharing

General

Target

b3ef9301868afaace31e7d6a103a9e1f_JaffaCakes118
Size

158KB
Sample

240821-sethtsycpm
MD5

b3ef9301868afaace31e7d6a103a9e1f
SHA1

830b052096194d46853cc7b1dca534987a2efce8
SHA256

2de60f0a9603aa9e2e8512772444bb04f249c36b9d9bee825a2ad07d7ce729de
SHA512

ebbb55a25ad428a3387d1018259967ccac126e09ea5a2f69f5a47f18f6690a9f72b874045601a04ff698656ca8c2c70ab0c63348ab427e65fd5d939befd4087f
SSDEEP

3072:Q7vyirQsl71vUKNG49MWY/LGkSXqwTSGDCScgRy5+QvLfcJPEt:Q7vT/tUKLvYBmS2ZRy5t

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  b3ef9301868afaace31e7d6a103a9e1f_JaffaCakes118
- Size
  
  158KB
- MD5
  
  b3ef9301868afaace31e7d6a103a9e1f
- SHA1
  
  830b052096194d46853cc7b1dca534987a2efce8
- SHA256
  
  2de60f0a9603aa9e2e8512772444bb04f249c36b9d9bee825a2ad07d7ce729de
- SHA512
  
  ebbb55a25ad428a3387d1018259967ccac126e09ea5a2f69f5a47f18f6690a9f72b874045601a04ff698656ca8c2c70ab0c63348ab427e65fd5d939befd4087f
- SSDEEP
  
  3072:Q7vyirQsl71vUKNG49MWY/LGkSXqwTSGDCScgRy5+QvLfcJPEt:Q7vT/tUKLvYBmS2ZRy5t
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence