4c4e8205ff0345c620f6e114a79940355022786f0aa7d5a54f4446fa6494dc8d | Triage

Sharing

General

Target

cddd4a95fb57a048fb22b34f311a327c_JaffaCakes118
Size

29KB
Sample

240901-ala1ystepp
MD5

cddd4a95fb57a048fb22b34f311a327c
SHA1

f6419b39811786c4060926123c661e318de33cb2
SHA256

4c4e8205ff0345c620f6e114a79940355022786f0aa7d5a54f4446fa6494dc8d
SHA512

70c501b7755f3813fb8b5240a9f639eea1c7960dbd27f303056ad027a0a081ccedd432521150783e6c12b11aa16f6e11a7c39a013eb773e27a88737a10cefa12
SSDEEP

768:XaNai0Kc9+/4K8AZovKavOL/VFC7LNt8SS:Xawi0KUtdvPO4LD8

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  cddd4a95fb57a048fb22b34f311a327c_JaffaCakes118
- Size
  
  29KB
- MD5
  
  cddd4a95fb57a048fb22b34f311a327c
- SHA1
  
  f6419b39811786c4060926123c661e318de33cb2
- SHA256
  
  4c4e8205ff0345c620f6e114a79940355022786f0aa7d5a54f4446fa6494dc8d
- SHA512
  
  70c501b7755f3813fb8b5240a9f639eea1c7960dbd27f303056ad027a0a081ccedd432521150783e6c12b11aa16f6e11a7c39a013eb773e27a88737a10cefa12
- SSDEEP
  
  768:XaNai0Kc9+/4K8AZovKavOL/VFC7LNt8SS:Xawi0KUtdvPO4LD8
Score

8^/10

discovery persistence
- Adds policy Run key to start application
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2