678ce5a4f5f113653f54e4c96dec3e50175c9d4ea0fae340ede4d601e6d8a204 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dcffa434c8107da99bb64ed5055697d2_JaffaCakes118
Size

295KB
Sample

240912-zapseatcma
MD5

dcffa434c8107da99bb64ed5055697d2
SHA1

329224766465b871799bcbc3f16ca47eed8f3918
SHA256

678ce5a4f5f113653f54e4c96dec3e50175c9d4ea0fae340ede4d601e6d8a204
SHA512

84e775a15ca7fc62fbb01e2d4bb716571d0c44b06bb49b54a86d5510035b9ca7a4d208c7e80d6cfc6d0417081461c6889ef362421a30772b4415d55df23bf5b4
SSDEEP

6144:Ie34/UC3/V596EVWhSaZ4QgDw3kzPOSZLWJSopNVc5F:ON/swWhPEw0zOvQXF

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  dcffa434c8107da99bb64ed5055697d2_JaffaCakes118
- Size
  
  295KB
- MD5
  
  dcffa434c8107da99bb64ed5055697d2
- SHA1
  
  329224766465b871799bcbc3f16ca47eed8f3918
- SHA256
  
  678ce5a4f5f113653f54e4c96dec3e50175c9d4ea0fae340ede4d601e6d8a204
- SHA512
  
  84e775a15ca7fc62fbb01e2d4bb716571d0c44b06bb49b54a86d5510035b9ca7a4d208c7e80d6cfc6d0417081461c6889ef362421a30772b4415d55df23bf5b4
- SSDEEP
  
  6144:Ie34/UC3/V596EVWhSaZ4QgDw3kzPOSZLWJSopNVc5F:ON/swWhPEw0zOvQXF
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence