fb8eed830e17b191ba21791059ebe46eb5dcd75ebf128dd308c3e1558d87499c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eea00ad13cef3499cf75d440f453b191_JaffaCakes118
Size

313KB
Sample

240920-3ak11atgjr
MD5

eea00ad13cef3499cf75d440f453b191
SHA1

555d5f5d0a3c1a470eee187badd1404712f8cde5
SHA256

fb8eed830e17b191ba21791059ebe46eb5dcd75ebf128dd308c3e1558d87499c
SHA512

60b6807703d731d84c83d97e754fe3987250038534d4ea3340f1f19e3bcb5b157e432f597d2a16a4869205d3eaca4eb2c24b59058abd1dbcf69ba4f7d1776e68
SSDEEP

6144:+uT2zaQ8n2xc8WuMiczFQymrJNbkXynThpsWDdiS9qqqYKlnQaPC:+uW42xKaez07bkE0WD4nV5QaPC

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  eea00ad13cef3499cf75d440f453b191_JaffaCakes118
- Size
  
  313KB
- MD5
  
  eea00ad13cef3499cf75d440f453b191
- SHA1
  
  555d5f5d0a3c1a470eee187badd1404712f8cde5
- SHA256
  
  fb8eed830e17b191ba21791059ebe46eb5dcd75ebf128dd308c3e1558d87499c
- SHA512
  
  60b6807703d731d84c83d97e754fe3987250038534d4ea3340f1f19e3bcb5b157e432f597d2a16a4869205d3eaca4eb2c24b59058abd1dbcf69ba4f7d1776e68
- SSDEEP
  
  6144:+uT2zaQ8n2xc8WuMiczFQymrJNbkXynThpsWDdiS9qqqYKlnQaPC:+uW42xKaez07bkE0WD4nV5QaPC
Score

7^/10

discovery persistence
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence