850ed6a375bb6ee55050a74ac7a4686eee75fdd707f2463fdb1a027e0c004fd5 | Triage

Sharing

General

Target

db9fb326a7357fd639117729f9a999ea_JaffaCakes118
Size

341KB
Sample

240912-cg6ceawana
MD5

db9fb326a7357fd639117729f9a999ea
SHA1

78d3a4e28fed3dc4321d722f11067afd81c50f1f
SHA256

850ed6a375bb6ee55050a74ac7a4686eee75fdd707f2463fdb1a027e0c004fd5
SHA512

1ed0a9c503463cb0f937c0b6bf59b14e4c9853727e68608a8dd4133ccd70c5229eecee005a5730a5f9dc97c34d6dd321daef15a77f731ff32fab33cc04360931
SSDEEP

6144:BmS7Spg1M7PyaQB74fo4UDblEzNENyRDUVpbCmV7WLXIqW:BduWCP/kMWDblsNjDmJWLu

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  db9fb326a7357fd639117729f9a999ea_JaffaCakes118
- Size
  
  341KB
- MD5
  
  db9fb326a7357fd639117729f9a999ea
- SHA1
  
  78d3a4e28fed3dc4321d722f11067afd81c50f1f
- SHA256
  
  850ed6a375bb6ee55050a74ac7a4686eee75fdd707f2463fdb1a027e0c004fd5
- SHA512
  
  1ed0a9c503463cb0f937c0b6bf59b14e4c9853727e68608a8dd4133ccd70c5229eecee005a5730a5f9dc97c34d6dd321daef15a77f731ff32fab33cc04360931
- SSDEEP
  
  6144:BmS7Spg1M7PyaQB74fo4UDblEzNENyRDUVpbCmV7WLXIqW:BduWCP/kMWDblsNjDmJWLu
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2