dcf2ccde10e098cd1990b28329c0d4486aa892c12b2f561707286c4151437dc2 | Triage

Sharing

General

Target

ee322df68bbadb138bf4df26406fd51b_JaffaCakes118
Size

14KB
Sample

240920-w8ztgs1frp
MD5

ee322df68bbadb138bf4df26406fd51b
SHA1

42fc56cb71fe9d32f5c1efea0ae5f617c985b737
SHA256

dcf2ccde10e098cd1990b28329c0d4486aa892c12b2f561707286c4151437dc2
SHA512

d22cfec39d3b8638189f99027fb023d2653618b7ee9b2d2c18157cde13d91c2e050455094dac2f250f5dc328f660d9a0c7906d30c4ba646924d66892c3172c18
SSDEEP

192:qzUNcknUK9NrAW58dG3Di+gmWVGnTnohnznQu6brA+eaNLlulxhaewV96ltFJKsW:tckUKzifdVGTnmnsneyLlu5dGQltF9A

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ee322df68bbadb138bf4df26406fd51b_JaffaCakes118
- Size
  
  14KB
- MD5
  
  ee322df68bbadb138bf4df26406fd51b
- SHA1
  
  42fc56cb71fe9d32f5c1efea0ae5f617c985b737
- SHA256
  
  dcf2ccde10e098cd1990b28329c0d4486aa892c12b2f561707286c4151437dc2
- SHA512
  
  d22cfec39d3b8638189f99027fb023d2653618b7ee9b2d2c18157cde13d91c2e050455094dac2f250f5dc328f660d9a0c7906d30c4ba646924d66892c3172c18
- SSDEEP
  
  192:qzUNcknUK9NrAW58dG3Di+gmWVGnTnohnznQu6brA+eaNLlulxhaewV96ltFJKsW:tckUKzifdVGTnmnsneyLlu5dGQltF9A
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence