11ad46043a47c5860a68b5d7df41a7a6100bc41fa922f6ea00d33b94a74f7a14 | Triage

Sharing

General

Target

dd383246a35f391de4f2ba037197e9e6_JaffaCakes118
Size

47KB
Sample

240912-28t6ws1ank
MD5

dd383246a35f391de4f2ba037197e9e6
SHA1

a4a24e0945f9d3e1e568d4e9e12e175cb44369c3
SHA256

11ad46043a47c5860a68b5d7df41a7a6100bc41fa922f6ea00d33b94a74f7a14
SHA512

f42c7b356e6cfc0900e34cc53d681b69ca87efb29346b76b57082f3d3f3fdc22e373f53856373c78afaf901d200fcb5ad6f14078fa7098ca226d7d30eb862733
SSDEEP

768:KhG1Su0dyKMO/eU0oOGNGM6Oyeljfg3kbfUudjP7ROfbnPovodFRegIZf1c/nN2e:agI4cea8M6OyelDn7dz6nPovoTRK18Nt

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  dd383246a35f391de4f2ba037197e9e6_JaffaCakes118
- Size
  
  47KB
- MD5
  
  dd383246a35f391de4f2ba037197e9e6
- SHA1
  
  a4a24e0945f9d3e1e568d4e9e12e175cb44369c3
- SHA256
  
  11ad46043a47c5860a68b5d7df41a7a6100bc41fa922f6ea00d33b94a74f7a14
- SHA512
  
  f42c7b356e6cfc0900e34cc53d681b69ca87efb29346b76b57082f3d3f3fdc22e373f53856373c78afaf901d200fcb5ad6f14078fa7098ca226d7d30eb862733
- SSDEEP
  
  768:KhG1Su0dyKMO/eU0oOGNGM6Oyeljfg3kbfUudjP7ROfbnPovodFRegIZf1c/nN2e:agI4cea8M6OyelDn7dz6nPovoTRK18Nt
Score

8^/10

discovery persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence