c233bf245dc963b3fb483c66bb77c3334c4067f16d5cf03a7062af1ef21c2350 | Triage

Sharing

General

Target

d1dbf9c8053050429f561cbeacd487b0_JaffaCakes118
Size

121KB
Sample

240907-nxrpqssfnp
MD5

d1dbf9c8053050429f561cbeacd487b0
SHA1

465fccdd463a32020a412da883144886288db943
SHA256

c233bf245dc963b3fb483c66bb77c3334c4067f16d5cf03a7062af1ef21c2350
SHA512

299c61cd2f75d031d3d0628eaf0d44c98feed87c081beea44f4ab6998f61314e85ce62b6a4066c1206a377034446ecfd0d416aa82e8dcc4c540e065bcba43e13
SSDEEP

1536:cluDlqUqdwsaLdVJ7HJ3JTM0vLigcuSxJbV4Y6IvCaefBJkN+qB0lM+3:tpqUqOtLdVdp3JTM0TmxJbuMCcB022

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  d1dbf9c8053050429f561cbeacd487b0_JaffaCakes118
- Size
  
  121KB
- MD5
  
  d1dbf9c8053050429f561cbeacd487b0
- SHA1
  
  465fccdd463a32020a412da883144886288db943
- SHA256
  
  c233bf245dc963b3fb483c66bb77c3334c4067f16d5cf03a7062af1ef21c2350
- SHA512
  
  299c61cd2f75d031d3d0628eaf0d44c98feed87c081beea44f4ab6998f61314e85ce62b6a4066c1206a377034446ecfd0d416aa82e8dcc4c540e065bcba43e13
- SSDEEP
  
  1536:cluDlqUqdwsaLdVJ7HJ3JTM0vLigcuSxJbV4Y6IvCaefBJkN+qB0lM+3:tpqUqOtLdVdp3JTM0TmxJbuMCcB022
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2
- Target
  
  QuickWebapi.dll
- Size
  
  144KB
- MD5
  
  6dfbaf5b9f0339bc4e99f5cfd8f4c33e
- SHA1
  
  9891f16535b1b3b8641119856ec6d4af90d65235
- SHA256
  
  4c8ce8c70b5ac65b4adccb17f3a5d3c4cbf3615e222b0673c347b20e506f88db
- SHA512
  
  264f282b764a63171302df1ef34b1a75158f081c3bb2704a29b5abd9ef456b5b363c21a30a66d3bfdcbdcb0b311bb2e0ad2b98f794093ac8900a3f2b25639b3e
- SSDEEP
  
  3072:J/2qVvzVNQfNuRIZ11dPVmAgwuVs3es5hH3oIz:J+qhzyN39/uVsl5xoIz
Score

3^/10

discovery
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence

behavioral3

behavioral4