0a319f2d5e56ad26b4b471cda5821e720431cf1de83a3fe26f4fca148c8512a8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0fed76e2c9e030ed5d9b3158ba0f273_JaffaCakes118
Size

131KB
Sample

240907-d6hhbatbmb
MD5

d0fed76e2c9e030ed5d9b3158ba0f273
SHA1

ca21afe0aa677a1e0151926f57584ad891720b9a
SHA256

0a319f2d5e56ad26b4b471cda5821e720431cf1de83a3fe26f4fca148c8512a8
SHA512

800bc16327888993be21b4dba68a4f4aa8208a12aef8eb8ab7fa0dba00416e01e546d64f6131ca63324121b55711a9032abe37450be8972507ddf3f1d9520b06
SSDEEP

3072:ayF6/Sueh3uJoQl3LKzuxnTkYM6XmJ8hPy6ZAnLc:awh3uJ/l3Lyuq58F/

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  d0fed76e2c9e030ed5d9b3158ba0f273_JaffaCakes118
- Size
  
  131KB
- MD5
  
  d0fed76e2c9e030ed5d9b3158ba0f273
- SHA1
  
  ca21afe0aa677a1e0151926f57584ad891720b9a
- SHA256
  
  0a319f2d5e56ad26b4b471cda5821e720431cf1de83a3fe26f4fca148c8512a8
- SHA512
  
  800bc16327888993be21b4dba68a4f4aa8208a12aef8eb8ab7fa0dba00416e01e546d64f6131ca63324121b55711a9032abe37450be8972507ddf3f1d9520b06
- SSDEEP
  
  3072:ayF6/Sueh3uJoQl3LKzuxnTkYM6XmJ8hPy6ZAnLc:awh3uJ/l3Lyuq58F/
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence