2469361e7bab107197bdce7d803ea97928545e754e0988c5d94247d2e5bb7ed3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5ca6cdaaaa5f200f95d4b89de5003ab_JaffaCakes118
Size

27KB
Sample

240925-mc7psazekr
MD5

f5ca6cdaaaa5f200f95d4b89de5003ab
SHA1

45b04b5dc26e98c72aed216c69780b0ffe06d4c7
SHA256

2469361e7bab107197bdce7d803ea97928545e754e0988c5d94247d2e5bb7ed3
SHA512

af6981f701cadf72cbaacab927ea0c72dd43c56c60e2fbe57c2ab085d2771b9b7feef18e0c56baec1bc127a6091949777c914938137a9ae5d4f5a8452dfaeca8
SSDEEP

768:UTgnXlpb6TpzQtyRM1QBCnrasI3GTHmOwm:UMnXlpOTp5M1Xrasym

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  f5ca6cdaaaa5f200f95d4b89de5003ab_JaffaCakes118
- Size
  
  27KB
- MD5
  
  f5ca6cdaaaa5f200f95d4b89de5003ab
- SHA1
  
  45b04b5dc26e98c72aed216c69780b0ffe06d4c7
- SHA256
  
  2469361e7bab107197bdce7d803ea97928545e754e0988c5d94247d2e5bb7ed3
- SHA512
  
  af6981f701cadf72cbaacab927ea0c72dd43c56c60e2fbe57c2ab085d2771b9b7feef18e0c56baec1bc127a6091949777c914938137a9ae5d4f5a8452dfaeca8
- SSDEEP
  
  768:UTgnXlpb6TpzQtyRM1QBCnrasI3GTHmOwm:UMnXlpOTp5M1Xrasym
Score

7^/10

persistence discovery
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence