ca8ec89c4c83cb8946015708663d48d86058e7c5c094ce7d56e8ef4bbafa6fcd | Triage

Sharing

General

Target

f6bd25e0daf59c7bb733b59416068bd6_JaffaCakes118
Size

57KB
Sample

240925-yhefzaxdrd
MD5

f6bd25e0daf59c7bb733b59416068bd6
SHA1

ef6c28329f60ea7fd067fcd4e0924f166deda48e
SHA256

ca8ec89c4c83cb8946015708663d48d86058e7c5c094ce7d56e8ef4bbafa6fcd
SHA512

e329a6951fbeed6d0c5b42564c37c3ec4fa68842881e22b775b2c0b305fba9bd287c1be09df650c9c0ad7fc85490ff4f9e4b915a740fa0999d70ee0c155a185b
SSDEEP

768:9H/mxdnhVI61Iv3JSHgrhjfvdW1lacva85tZB/CF/2F/:9AdhVx1I/JSHgr1NAlacNtZwQ

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  f6bd25e0daf59c7bb733b59416068bd6_JaffaCakes118
- Size
  
  57KB
- MD5
  
  f6bd25e0daf59c7bb733b59416068bd6
- SHA1
  
  ef6c28329f60ea7fd067fcd4e0924f166deda48e
- SHA256
  
  ca8ec89c4c83cb8946015708663d48d86058e7c5c094ce7d56e8ef4bbafa6fcd
- SHA512
  
  e329a6951fbeed6d0c5b42564c37c3ec4fa68842881e22b775b2c0b305fba9bd287c1be09df650c9c0ad7fc85490ff4f9e4b915a740fa0999d70ee0c155a185b
- SSDEEP
  
  768:9H/mxdnhVI61Iv3JSHgrhjfvdW1lacva85tZB/CF/2F/:9AdhVx1I/JSHgr1NAlacNtZwQ
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence