742c6bab7f34ba7d4d3456ba8d7704338230c366ded15417642df0a5a4a04ef5 | Triage

Sharing

General

Target

b9d096978d2c4d1bfd07531ad87c977d_JaffaCakes118
Size

316KB
Sample

240823-brqt2azhlm
MD5

b9d096978d2c4d1bfd07531ad87c977d
SHA1

33a30a499160f657f2f25ba5f4aed3bcf83ce12e
SHA256

742c6bab7f34ba7d4d3456ba8d7704338230c366ded15417642df0a5a4a04ef5
SHA512

260d56ff8d1bd9c760473f7e29705743fae4dd69b8ec5682b4453f4dcf9dd0909c72a7a216cdf1c08dcde97ef4b32139aa5555e902347d90a52473531f0c638d
SSDEEP

6144:0mirOgxyX2JaOVT8yXGa9DDMrWVtjPlQdEBqL05j7lFkx:WKD6VsqnVfQdEA24

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  b9d096978d2c4d1bfd07531ad87c977d_JaffaCakes118
- Size
  
  316KB
- MD5
  
  b9d096978d2c4d1bfd07531ad87c977d
- SHA1
  
  33a30a499160f657f2f25ba5f4aed3bcf83ce12e
- SHA256
  
  742c6bab7f34ba7d4d3456ba8d7704338230c366ded15417642df0a5a4a04ef5
- SHA512
  
  260d56ff8d1bd9c760473f7e29705743fae4dd69b8ec5682b4453f4dcf9dd0909c72a7a216cdf1c08dcde97ef4b32139aa5555e902347d90a52473531f0c638d
- SSDEEP
  
  6144:0mirOgxyX2JaOVT8yXGa9DDMrWVtjPlQdEBqL05j7lFkx:WKD6VsqnVfQdEA24
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2