bd84e3bb83903409176189585358827d1899cb426dc419761aeebf16302bde90 | Triage

Sharing

General

Target

eca2d6cc205f9390cf1104df6d90aee9_JaffaCakes118
Size

16KB
Sample

240920-clgvlstcmf
MD5

eca2d6cc205f9390cf1104df6d90aee9
SHA1

b33d93c847f25c16cb6aef683011398a9a5e59dc
SHA256

bd84e3bb83903409176189585358827d1899cb426dc419761aeebf16302bde90
SHA512

b31033ddba70df8755f2e1c21c1cf83c10e16e5e9cd696af00ae551129d3facc70cb1ae53214a72988aa66fdb67c94dcaf2348d4d21b21bd0412d1bf20a909e6
SSDEEP

384:T1Ox2m64R34KCU4CAvjqEYTT03rWTZKroAEibsrB:T1afpHAfLqEo6AZLAESsN

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  eca2d6cc205f9390cf1104df6d90aee9_JaffaCakes118
- Size
  
  16KB
- MD5
  
  eca2d6cc205f9390cf1104df6d90aee9
- SHA1
  
  b33d93c847f25c16cb6aef683011398a9a5e59dc
- SHA256
  
  bd84e3bb83903409176189585358827d1899cb426dc419761aeebf16302bde90
- SHA512
  
  b31033ddba70df8755f2e1c21c1cf83c10e16e5e9cd696af00ae551129d3facc70cb1ae53214a72988aa66fdb67c94dcaf2348d4d21b21bd0412d1bf20a909e6
- SSDEEP
  
  384:T1Ox2m64R34KCU4CAvjqEYTT03rWTZKroAEibsrB:T1afpHAfLqEo6AZLAESsN
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence