dac6ab3b0366a1b2638ed101c25b3ebe1dd0877d01fb483d76911e376781eadc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5accf4b7c441908a43a20b5bbfa2396_JaffaCakes118
Size

25KB
Sample

240822-ay2z7sshkr
MD5

b5accf4b7c441908a43a20b5bbfa2396
SHA1

1b1514c89f2bb5df78bc2e8d7712b9740e853d41
SHA256

dac6ab3b0366a1b2638ed101c25b3ebe1dd0877d01fb483d76911e376781eadc
SHA512

e83292f535df177b2117b94c7beb56a20644f95638694020426625ecbb24b440808fda2062ed78b6dd8c07dc9cbf55ab5ed9fcf45b693cab145ca419e39d9e28
SSDEEP

768:Q54IFbjanUh1zUT6sTx1xrRQKES5fWNPU:QeIRanUhC6sl1xFQ8WW

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  b5accf4b7c441908a43a20b5bbfa2396_JaffaCakes118
- Size
  
  25KB
- MD5
  
  b5accf4b7c441908a43a20b5bbfa2396
- SHA1
  
  1b1514c89f2bb5df78bc2e8d7712b9740e853d41
- SHA256
  
  dac6ab3b0366a1b2638ed101c25b3ebe1dd0877d01fb483d76911e376781eadc
- SHA512
  
  e83292f535df177b2117b94c7beb56a20644f95638694020426625ecbb24b440808fda2062ed78b6dd8c07dc9cbf55ab5ed9fcf45b693cab145ca419e39d9e28
- SSDEEP
  
  768:Q54IFbjanUh1zUT6sTx1xrRQKES5fWNPU:QeIRanUhC6sl1xFQ8WW
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence