303aa4278195661edafcba6d68d9c6197d1d7e386f9da5eb68c7ec9fd24a2d33 | Triage

Sharing

General

Target

da53c76c0440b8e6f301d701b99900c7_JaffaCakes118
Size

48KB
Sample

240911-pekzxazbrj
MD5

da53c76c0440b8e6f301d701b99900c7
SHA1

5b99726a3ba148937a42fd12b64d2bef4e927c29
SHA256

303aa4278195661edafcba6d68d9c6197d1d7e386f9da5eb68c7ec9fd24a2d33
SHA512

c6e85689c9dfe23af2e56243461f97f06393fc24607c09019ad8342492799dada295cb05042dcad3a197ce699cafe367107f3903675df7fbebf81541c8c792d0
SSDEEP

768:QtgRpI+6ZldnK3O4fcJBAvdNqvAci8RWFPqzwnlYlNEqii586T:FU5dnq4aveP7UFPqzwnlmEO3

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  da53c76c0440b8e6f301d701b99900c7_JaffaCakes118
- Size
  
  48KB
- MD5
  
  da53c76c0440b8e6f301d701b99900c7
- SHA1
  
  5b99726a3ba148937a42fd12b64d2bef4e927c29
- SHA256
  
  303aa4278195661edafcba6d68d9c6197d1d7e386f9da5eb68c7ec9fd24a2d33
- SHA512
  
  c6e85689c9dfe23af2e56243461f97f06393fc24607c09019ad8342492799dada295cb05042dcad3a197ce699cafe367107f3903675df7fbebf81541c8c792d0
- SSDEEP
  
  768:QtgRpI+6ZldnK3O4fcJBAvdNqvAci8RWFPqzwnlYlNEqii586T:FU5dnq4aveP7UFPqzwnlmEO3
Score

8^/10

discovery persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence