3a3e18f17264547fda9ffb88623a0b01fbc6230fcf8e28233a24c92421bf4df1 | Triage

Sharing

General

Target

b42c5e38d636d84912dc967b46c09909_JaffaCakes118
Size

25KB
Sample

240821-tv1grayemb
MD5

b42c5e38d636d84912dc967b46c09909
SHA1

d846510fd49ec8a09433cda320a8ba8cfd6b2c89
SHA256

3a3e18f17264547fda9ffb88623a0b01fbc6230fcf8e28233a24c92421bf4df1
SHA512

218473cdae9cbdb51d6a9b6e166bf01bc60816bccc34f4f3fd0238c093682e14c3420b33362c15c6cc5f828d3766691b58789912ada082624707449a6b5bd9c7
SSDEEP

768:KSgjuGU4t3agk66U4aDwnzroD0RDAL9Azv5:K3aGvZpkE4aDWzr4QmMv5

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  b42c5e38d636d84912dc967b46c09909_JaffaCakes118
- Size
  
  25KB
- MD5
  
  b42c5e38d636d84912dc967b46c09909
- SHA1
  
  d846510fd49ec8a09433cda320a8ba8cfd6b2c89
- SHA256
  
  3a3e18f17264547fda9ffb88623a0b01fbc6230fcf8e28233a24c92421bf4df1
- SHA512
  
  218473cdae9cbdb51d6a9b6e166bf01bc60816bccc34f4f3fd0238c093682e14c3420b33362c15c6cc5f828d3766691b58789912ada082624707449a6b5bd9c7
- SSDEEP
  
  768:KSgjuGU4t3agk66U4aDwnzroD0RDAL9Azv5:K3aGvZpkE4aDWzr4QmMv5
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence