ed9a1ccabdfd4b700434a8c18f8684298602d1f47bd95835c783d993582fa9a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d04b0f46099868449ca4ff43697b5fa0_JaffaCakes118
Size

769KB
Sample

240906-x3scwstepn
MD5

d04b0f46099868449ca4ff43697b5fa0
SHA1

d946168be53596d48c4197e52caad8dd35e05a9d
SHA256

ed9a1ccabdfd4b700434a8c18f8684298602d1f47bd95835c783d993582fa9a4
SHA512

cd620ae1c119bedb03c924265e9eaaf0695785f4b02cb9d576ea658dc435d5d100d0dcee205020a22b1c43f19085a9bc59e8fa3fcb3899914f4a0f74edcf2b22
SSDEEP

12288:yhzfDw84KLytkiFU41T8+Pw2Fw/vRwZNdB1I1sLfdDqF3Z4mxx746iYsJkczL4oU:MLkQE81KZNdB1I1oFWQmXvVubzL4o8p

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  d04b0f46099868449ca4ff43697b5fa0_JaffaCakes118
- Size
  
  769KB
- MD5
  
  d04b0f46099868449ca4ff43697b5fa0
- SHA1
  
  d946168be53596d48c4197e52caad8dd35e05a9d
- SHA256
  
  ed9a1ccabdfd4b700434a8c18f8684298602d1f47bd95835c783d993582fa9a4
- SHA512
  
  cd620ae1c119bedb03c924265e9eaaf0695785f4b02cb9d576ea658dc435d5d100d0dcee205020a22b1c43f19085a9bc59e8fa3fcb3899914f4a0f74edcf2b22
- SSDEEP
  
  12288:yhzfDw84KLytkiFU41T8+Pw2Fw/vRwZNdB1I1sLfdDqF3Z4mxx746iYsJkczL4oU:MLkQE81KZNdB1I1oFWQmXvVubzL4o8p
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence