c1b9b1498e94a595398cae77c2e50bf8023e9ea02f3b3803899a9fb4aeabce75 | Triage

Sharing

General

Target

eed7798904fbbe0f10b9223717cafb5c_JaffaCakes118
Size

13KB
Sample

240921-b7n1dazckm
MD5

eed7798904fbbe0f10b9223717cafb5c
SHA1

31d089d550247b0d0eb35cae03c3f555a1d0b1d3
SHA256

c1b9b1498e94a595398cae77c2e50bf8023e9ea02f3b3803899a9fb4aeabce75
SHA512

d048d5365be15352afb203f21f09dc2f93a3daae53f3f39c416f593a190956e1950d8771f27731fa6a075743e0eec753f2c0c78e4f6918b434b7f31c432c24d2
SSDEEP

384:ZGllOAPM0JVfZvTAesNcmZvg4VMTv2pkHRLOk:gHl0qFZKcmZg4VaMgRSk

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  eed7798904fbbe0f10b9223717cafb5c_JaffaCakes118
- Size
  
  13KB
- MD5
  
  eed7798904fbbe0f10b9223717cafb5c
- SHA1
  
  31d089d550247b0d0eb35cae03c3f555a1d0b1d3
- SHA256
  
  c1b9b1498e94a595398cae77c2e50bf8023e9ea02f3b3803899a9fb4aeabce75
- SHA512
  
  d048d5365be15352afb203f21f09dc2f93a3daae53f3f39c416f593a190956e1950d8771f27731fa6a075743e0eec753f2c0c78e4f6918b434b7f31c432c24d2
- SSDEEP
  
  384:ZGllOAPM0JVfZvTAesNcmZvg4VMTv2pkHRLOk:gHl0qFZKcmZg4VaMgRSk
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence