bde4b1764b5a70709b723386a294138660bd854d0ebdaecd22a33b88a90c9ad1 | Triage

Sharing

General

Target

ea906173ade4a8e7caf81b526ed6ad17_JaffaCakes118
Size

114KB
Sample

240919-eta35s1bkl
MD5

ea906173ade4a8e7caf81b526ed6ad17
SHA1

df73e3c75e64bf977deebd51372e754946acff49
SHA256

bde4b1764b5a70709b723386a294138660bd854d0ebdaecd22a33b88a90c9ad1
SHA512

7638c1611509290affc0e32f2856de89828f009ee4d35f5a989d5cb63d34cfb158b81d5e1bfc3c6e54c15497f732562c1a441fdc0e508d66cd4680c34fd8a3a6
SSDEEP

3072:O+jweiyQWL55POlnYYqV/4DQFu/U3buRKlemZ9DnGAeDA5SdPilsO9t2:O8wsQGa2x4DQFu/U3buRKlemZ9DnGAe2

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  ea906173ade4a8e7caf81b526ed6ad17_JaffaCakes118
- Size
  
  114KB
- MD5
  
  ea906173ade4a8e7caf81b526ed6ad17
- SHA1
  
  df73e3c75e64bf977deebd51372e754946acff49
- SHA256
  
  bde4b1764b5a70709b723386a294138660bd854d0ebdaecd22a33b88a90c9ad1
- SHA512
  
  7638c1611509290affc0e32f2856de89828f009ee4d35f5a989d5cb63d34cfb158b81d5e1bfc3c6e54c15497f732562c1a441fdc0e508d66cd4680c34fd8a3a6
- SSDEEP
  
  3072:O+jweiyQWL55POlnYYqV/4DQFu/U3buRKlemZ9DnGAeDA5SdPilsO9t2:O8wsQGa2x4DQFu/U3buRKlemZ9DnGAe2
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence