02c27dae52ad83627e8b90d878cb51a921e72d1b8de8879380ded0768e603c1d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1d768d579a494980aa8b84398f4a62f_JaffaCakes118
Size

634KB
Sample

240907-nqlj5sscnq
MD5

d1d768d579a494980aa8b84398f4a62f
SHA1

8a1f655de356bb97b5820952695c312a972cde37
SHA256

02c27dae52ad83627e8b90d878cb51a921e72d1b8de8879380ded0768e603c1d
SHA512

47a695b1a7ff323c7dc8b59b4cb2cb0bb81628299059dc67825d3f8f2753ca89ad131a81ab3c348a9c341a8698a6064c38eec41350e0aea7cf1a2366117c52bc
SSDEEP

12288:oS+qjwncqmOMwrTcEtwTiFQZ2zAEJx1CUVeeqveoUlaNkNe5:oSVjwlAwrjwTiFQ+jCUgeqveoU0R

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  ASIdle.dll
- Size
  
  74KB
- MD5
  
  e503544766dcf46e85c1492a01da4f4e
- SHA1
  
  438fa95fc919827621bc911087691355715b2d57
- SHA256
  
  3c1770d001e886d8c13c5b9dca3a01de843110d5a54d1e1d16fb61e7de3ad237
- SHA512
  
  1aaee6d7afd99d28b63ac4c7ba403f8929563f528a30944b20369149c29049976c2e3319bccca0c9bfca3bd918c588572499b47d3a04be6d2757ed7d7582d24e
- SSDEEP
  
  1536:jRGXzChBXDf28CrM70hWsCEHW4wc5VlCkN5JfyVkP:oXOhdDaI70lHWbU4vVo
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  AutoShutdown.exe
- Size
  
  1.3MB
- MD5
  
  e0a9a1d822f204870f1c72a68ca5c85a
- SHA1
  
  697deff0878dba2a0f2aaa3554f5d4c0d7bfd066
- SHA256
  
  8ee3d7ad6303f7fb5cd077c1ace0f65c73d18e9da2fd1dc709604ccb5a41a007
- SHA512
  
  e83191270ae540d7c76dd882e05cc639181af9f808126372af6f3e1b021bb2da82c2ccb8d5985826bfc1a5a42967d1bf9179d4d226cd2a5996875852216f9871
- SSDEEP
  
  12288:Hc8fxh0kY71EaOsnnDcLGt4zZpyKkvoc6qXwBCZP+NuJdr7u+mXOzjmbuCT/:HXA1tOsnnDCGu/yKkkOfP++DJjmb9
Score

6^/10

discovery persistence
- Modifies WinLogon
  persistence
behavioral3 behavioral4
- Target
  
  TEMP/W32INST_PATH_
- Size
  
  10KB
- MD5
  
  3b2e23d259394c701050486e642d14fa
- SHA1
  
  4e9661c4ba84400146b80b905f46a0f7ef4d62eb
- SHA256
  
  166d7156142f3ee09fa69eb617dd22e4fd248aa80a1ac08767db6ad99a2705c1
- SHA512
  
  2b792296dffa4e43bc85295dc7691bd29762ce5d9d5eafaa74e199e6a8e5b24aa85d0a1b27776d4719a49b0d29abcf6f240746a209528e608b596b560e5a3b88
- SSDEEP
  
  192:GHil+IWcS5ju90M1hfOENXfzZ7kX65caiPEJd3lBD:J+Dcz9fhtflYqcaiPEJB
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  UNINSTALL_PATH
- Size
  
  149KB
- MD5
  
  973567b98cdfc147df4e60471d9df072
- SHA1
  
  3c4735750c99c63e6861170a8c459a608594211e
- SHA256
  
  69b9dd6160524e0eb44905224f5b1747dfce43243c00c11c87f5c2ec55102876
- SHA512
  
  e891e3a413691eddd895a31293117aec8d151ecf18f84d3aa73bc1c4eb95582df1dfe04d51b7011eb55b5e754e2240de4c6269f9547f3cab3519985da1e07294
- SSDEEP
  
  1536:vtI31IvXRwWxaj2mSKcFoaNLZIlpYBAgu7+YoPgWcSXLJ09MzHAUs:vOFIJ3oVdYUiK7+YoPgWVJooHAU
Score

3^/10

discovery
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

discoverypersistence

behavioral4

discoverypersistence

behavioral5

behavioral6

behavioral7

behavioral8