b7ba14837c29c6a1380d40e79bf57d55d7e9d2a51a6c8d980dfb77bbe93c1430 | Triage

Sharing

General

Target

d5f79bfe90c231f1764510b03b36761f_JaffaCakes118
Size

9KB
Sample

240909-kjxr2sscla
MD5

d5f79bfe90c231f1764510b03b36761f
SHA1

03e7b10e30b98cfe37d425562b8ed172d8e633e7
SHA256

b7ba14837c29c6a1380d40e79bf57d55d7e9d2a51a6c8d980dfb77bbe93c1430
SHA512

38abf94e88e3f3ee81a59b5a95a83ff7644e4435397d034f17be49c1d467ce46b38b2a854611cb1b2db8892a200845d3bf9ba6d784d6edab6aef94ca3054017e
SSDEEP

192:vayYeZrhL98WlLwh4YrbTs5DtfD5ZGU6k6lrCurYSAwaHeaeMkJaw:zrh8WlLwhFPUr/9PorLrY1wS23h

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  d5f79bfe90c231f1764510b03b36761f_JaffaCakes118
- Size
  
  9KB
- MD5
  
  d5f79bfe90c231f1764510b03b36761f
- SHA1
  
  03e7b10e30b98cfe37d425562b8ed172d8e633e7
- SHA256
  
  b7ba14837c29c6a1380d40e79bf57d55d7e9d2a51a6c8d980dfb77bbe93c1430
- SHA512
  
  38abf94e88e3f3ee81a59b5a95a83ff7644e4435397d034f17be49c1d467ce46b38b2a854611cb1b2db8892a200845d3bf9ba6d784d6edab6aef94ca3054017e
- SSDEEP
  
  192:vayYeZrhL98WlLwh4YrbTs5DtfD5ZGU6k6lrCurYSAwaHeaeMkJaw:zrh8WlLwhFPUr/9PorLrY1wS23h
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence