470750441dd929d7157cda9128f7579e1dc120e755136b2107d29930343181e1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de498afc8c191f5ab7e19148336e14c2_JaffaCakes118
Size

136KB
Sample

240913-pdgabs1cpd
MD5

de498afc8c191f5ab7e19148336e14c2
SHA1

b556a6a3da5c62289c261bb0eeafa346cb719a0c
SHA256

470750441dd929d7157cda9128f7579e1dc120e755136b2107d29930343181e1
SHA512

5e71efe6dc0997fcc7befb51d57f426c3a183e484b3b15426e2030f515a32a23bdb385f11862afb70e30bcf0fd77e6ee93331bd3a73d3965d1aadfc998582aa0
SSDEEP

3072:mh+HURFjFdJceVoSTXAWNcPJfxoJAAVk/uG3M:U+HURRm6M3xAMmG3M

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  de498afc8c191f5ab7e19148336e14c2_JaffaCakes118
- Size
  
  136KB
- MD5
  
  de498afc8c191f5ab7e19148336e14c2
- SHA1
  
  b556a6a3da5c62289c261bb0eeafa346cb719a0c
- SHA256
  
  470750441dd929d7157cda9128f7579e1dc120e755136b2107d29930343181e1
- SHA512
  
  5e71efe6dc0997fcc7befb51d57f426c3a183e484b3b15426e2030f515a32a23bdb385f11862afb70e30bcf0fd77e6ee93331bd3a73d3965d1aadfc998582aa0
- SSDEEP
  
  3072:mh+HURFjFdJceVoSTXAWNcPJfxoJAAVk/uG3M:U+HURRm6M3xAMmG3M
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence