af67763aafa2da26f5ad2a40cc3ad59f0be38e5efe75806828b999cd01233d4b | Triage

Sharing

General

Target

d2b883eb8d001ef028c2496041f88cea_JaffaCakes118
Size

1.8MB
Sample

240907-ypbcwssajn
MD5

d2b883eb8d001ef028c2496041f88cea
SHA1

35d3094d41216b928b638fb7407cb79b5b447f97
SHA256

af67763aafa2da26f5ad2a40cc3ad59f0be38e5efe75806828b999cd01233d4b
SHA512

6a9c4c670e34fed351e90fe6e7cf850f9421f161253f7cda7664a56b867989bcc0cd6882242b0548976cd25615401f922f729f35a2e397eb3f1f5d6273e1bfac
SSDEEP

49152:/ebIEOe4EqnYBn5gcaMuD24W387ShHc30RLNzvLNS4:/ebIE5NqY9aMuDnWf83spzjY4

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  d2b883eb8d001ef028c2496041f88cea_JaffaCakes118
- Size
  
  1.8MB
- MD5
  
  d2b883eb8d001ef028c2496041f88cea
- SHA1
  
  35d3094d41216b928b638fb7407cb79b5b447f97
- SHA256
  
  af67763aafa2da26f5ad2a40cc3ad59f0be38e5efe75806828b999cd01233d4b
- SHA512
  
  6a9c4c670e34fed351e90fe6e7cf850f9421f161253f7cda7664a56b867989bcc0cd6882242b0548976cd25615401f922f729f35a2e397eb3f1f5d6273e1bfac
- SSDEEP
  
  49152:/ebIEOe4EqnYBn5gcaMuD24W387ShHc30RLNzvLNS4:/ebIE5NqY9aMuDnWf83spzjY4
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence