a0f8032cea217968916803cfef14d4a584fed10b28adfc81a0e8dea7dbd9e775 | Triage

Sharing

General

Target

d291ea78ca442790672314d47321cf0e_JaffaCakes118
Size

307KB
Sample

240907-w2m64szfjc
MD5

d291ea78ca442790672314d47321cf0e
SHA1

1754036824332bcab5e59eb204cc980824e97493
SHA256

a0f8032cea217968916803cfef14d4a584fed10b28adfc81a0e8dea7dbd9e775
SHA512

acf27f8c16a25c9a85406bc9680785c16acdd6f6e9439bf6a4886013bf62d93617b25bf0f5558098c54b933c17755ff9ae1bf2a3cdb9891229be99b890d1075d
SSDEEP

6144:Y75chAyGxtKtEd6M0x6/PS6CPkSRnQ1thgCVLYKz6mq:Y9c+DEEo8/3C8cnSuhaLq

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  d291ea78ca442790672314d47321cf0e_JaffaCakes118
- Size
  
  307KB
- MD5
  
  d291ea78ca442790672314d47321cf0e
- SHA1
  
  1754036824332bcab5e59eb204cc980824e97493
- SHA256
  
  a0f8032cea217968916803cfef14d4a584fed10b28adfc81a0e8dea7dbd9e775
- SHA512
  
  acf27f8c16a25c9a85406bc9680785c16acdd6f6e9439bf6a4886013bf62d93617b25bf0f5558098c54b933c17755ff9ae1bf2a3cdb9891229be99b890d1075d
- SSDEEP
  
  6144:Y75chAyGxtKtEd6M0x6/PS6CPkSRnQ1thgCVLYKz6mq:Y9c+DEEo8/3C8cnSuhaLq
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2