8644a6793527f712f2e3315b826db54aa518ccf7ac51a697c25b0dcd4538fc95 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf648c83cf5ec27301fa843d9b8a560e_JaffaCakes118
Size

232KB
Sample

240824-zrbbcaygjd
MD5

bf648c83cf5ec27301fa843d9b8a560e
SHA1

a6e08c91a198c4dc7ce0a1abf139c791b53cc99b
SHA256

8644a6793527f712f2e3315b826db54aa518ccf7ac51a697c25b0dcd4538fc95
SHA512

e0e128e10278e05c2e1517fc9f9745533404dda971bf10a27d37b4818f0c9d308b2958ea4fef11c5718256e89f68170f8dc54e23fbf74595e9016249d0be00e2
SSDEEP

6144:9hbZ5hMTNFf8LAurlEzAX7o5hn8wVSZ2sXx6:vtXMzqrllX7618wJ

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  bf648c83cf5ec27301fa843d9b8a560e_JaffaCakes118
- Size
  
  232KB
- MD5
  
  bf648c83cf5ec27301fa843d9b8a560e
- SHA1
  
  a6e08c91a198c4dc7ce0a1abf139c791b53cc99b
- SHA256
  
  8644a6793527f712f2e3315b826db54aa518ccf7ac51a697c25b0dcd4538fc95
- SHA512
  
  e0e128e10278e05c2e1517fc9f9745533404dda971bf10a27d37b4818f0c9d308b2958ea4fef11c5718256e89f68170f8dc54e23fbf74595e9016249d0be00e2
- SSDEEP
  
  6144:9hbZ5hMTNFf8LAurlEzAX7o5hn8wVSZ2sXx6:vtXMzqrllX7618wJ
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence