c151dbfcf31eae4b8d0b12c48b0ddcadf58d3f1e61045188c2255f26e0561325 | Triage

Sharing

General

Target

f6abd3782028bb7c6dc7dd1709758b5c_JaffaCakes118
Size

128KB
Sample

240925-xrhz3svgmb
MD5

f6abd3782028bb7c6dc7dd1709758b5c
SHA1

6a4a7a255afa0b33ed0622aeadf2faf9f53a4b8d
SHA256

c151dbfcf31eae4b8d0b12c48b0ddcadf58d3f1e61045188c2255f26e0561325
SHA512

38ae9111dee88aca52bb11908640e6f77bfeebbe789a837a55e25f4ff830760d3369a4c0ed9924ccc6c532c7f5df8e5c8a76237577e002fdc9e768214af6f642
SSDEEP

3072:6QAyBKur9hHsTbGHZYcEYAjl6FsJawlVDLgby+Sd:xnwbIYcEljU4gHSd

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  f6abd3782028bb7c6dc7dd1709758b5c_JaffaCakes118
- Size
  
  128KB
- MD5
  
  f6abd3782028bb7c6dc7dd1709758b5c
- SHA1
  
  6a4a7a255afa0b33ed0622aeadf2faf9f53a4b8d
- SHA256
  
  c151dbfcf31eae4b8d0b12c48b0ddcadf58d3f1e61045188c2255f26e0561325
- SHA512
  
  38ae9111dee88aca52bb11908640e6f77bfeebbe789a837a55e25f4ff830760d3369a4c0ed9924ccc6c532c7f5df8e5c8a76237577e002fdc9e768214af6f642
- SSDEEP
  
  3072:6QAyBKur9hHsTbGHZYcEYAjl6FsJawlVDLgby+Sd:xnwbIYcEljU4gHSd
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence