1ae62039478a82a64323fc43db401b93c9e3a297b261b7b3ec8b5e65b0b52b04 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd4410185ed9625a3332806a3ec81522_JaffaCakes118
Size

16KB
Sample

240823-1k8hyaycph
MD5

bd4410185ed9625a3332806a3ec81522
SHA1

a76235f9ed5df307fd6ca6e7d23737c16a6a698c
SHA256

1ae62039478a82a64323fc43db401b93c9e3a297b261b7b3ec8b5e65b0b52b04
SHA512

c79400c2a1c2853a188f03d43c72d10abb3fbf3890e8865234888a732013ce5f7604c33c5e9cf7ea84c6100ce3f23cb0ecedc9d6b9ce63b06aab0bd45a04ba19
SSDEEP

384:4hGy9aq14EoZDm69LMvixQXrwPxzss/a8u89y:4hGyoql4m0Osf2AaBX

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  bd4410185ed9625a3332806a3ec81522_JaffaCakes118
- Size
  
  16KB
- MD5
  
  bd4410185ed9625a3332806a3ec81522
- SHA1
  
  a76235f9ed5df307fd6ca6e7d23737c16a6a698c
- SHA256
  
  1ae62039478a82a64323fc43db401b93c9e3a297b261b7b3ec8b5e65b0b52b04
- SHA512
  
  c79400c2a1c2853a188f03d43c72d10abb3fbf3890e8865234888a732013ce5f7604c33c5e9cf7ea84c6100ce3f23cb0ecedc9d6b9ce63b06aab0bd45a04ba19
- SSDEEP
  
  384:4hGy9aq14EoZDm69LMvixQXrwPxzss/a8u89y:4hGyoql4m0Osf2AaBX
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2