3b44d705b80666e611b157f3165100e07ccf9e44f77d5bb2368f0439f7be06a5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf950c65f742da1b553ff5a7f632aca6_JaffaCakes118
Size

33KB
Sample

240906-p6lerayald
MD5

cf950c65f742da1b553ff5a7f632aca6
SHA1

56c792d93490abe9ed2e3b94e226a6dd9658fd18
SHA256

3b44d705b80666e611b157f3165100e07ccf9e44f77d5bb2368f0439f7be06a5
SHA512

fe15ff9f753c007dd6899e46f0406810c155180b4f6e29894b970d86c6528b6385fb25cead3ab954e15b5aa9ebeb83fdc57565e6c8f716021610a437717228a5
SSDEEP

768:VSACC89QIcUyFOIZa+bcvj6S3G7JyaGbarI8S:VSA+LhDmS3GNbGj

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  cf950c65f742da1b553ff5a7f632aca6_JaffaCakes118
- Size
  
  33KB
- MD5
  
  cf950c65f742da1b553ff5a7f632aca6
- SHA1
  
  56c792d93490abe9ed2e3b94e226a6dd9658fd18
- SHA256
  
  3b44d705b80666e611b157f3165100e07ccf9e44f77d5bb2368f0439f7be06a5
- SHA512
  
  fe15ff9f753c007dd6899e46f0406810c155180b4f6e29894b970d86c6528b6385fb25cead3ab954e15b5aa9ebeb83fdc57565e6c8f716021610a437717228a5
- SSDEEP
  
  768:VSACC89QIcUyFOIZa+bcvj6S3G7JyaGbarI8S:VSA+LhDmS3GNbGj
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence