5e2fd81a5fe02cc2714ed000e258b178ac1382c57ee70daccfc1df3f1a0aa980 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dfdc25afa916dbb34f3c978f7274eb45_JaffaCakes118
Size

2.2MB
Sample

240914-kv5l2awbjn
MD5

dfdc25afa916dbb34f3c978f7274eb45
SHA1

2f03697b45444dac4beea8a1de797f6b048c442b
SHA256

5e2fd81a5fe02cc2714ed000e258b178ac1382c57ee70daccfc1df3f1a0aa980
SHA512

c029171a0d9bf5bcc121a42ea7d37151b5c4daf1225bfcbd8306f9dbe7dc77b7f2d8909ba2cbc624bd7d8b276b7cba7c0a78cc6550a46157e772dc22dab8be0c
SSDEEP

49152:Ala5TxnWfqCppTZG8k68v7g/13n/UfJIMk8L6uiYJvFmXFmxZaw:AI5luqCp5M3sd3n/Ufo3ISXU7a

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  dfdc25afa916dbb34f3c978f7274eb45_JaffaCakes118
- Size
  
  2.2MB
- MD5
  
  dfdc25afa916dbb34f3c978f7274eb45
- SHA1
  
  2f03697b45444dac4beea8a1de797f6b048c442b
- SHA256
  
  5e2fd81a5fe02cc2714ed000e258b178ac1382c57ee70daccfc1df3f1a0aa980
- SHA512
  
  c029171a0d9bf5bcc121a42ea7d37151b5c4daf1225bfcbd8306f9dbe7dc77b7f2d8909ba2cbc624bd7d8b276b7cba7c0a78cc6550a46157e772dc22dab8be0c
- SSDEEP
  
  49152:Ala5TxnWfqCppTZG8k68v7g/13n/UfJIMk8L6uiYJvFmXFmxZaw:AI5luqCp5M3sd3n/Ufo3ISXU7a
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2