289d800ba4ef98a1af9c9752d18e4afc1b690b3e5df421b200fbc01c049212be | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f99c3ca8bafccae696a70eceffa98dd3_JaffaCakes118
Size

188KB
Sample

240927-ds7kaasern
MD5

f99c3ca8bafccae696a70eceffa98dd3
SHA1

c79b59276068febec1aa579854e883cd723c007f
SHA256

289d800ba4ef98a1af9c9752d18e4afc1b690b3e5df421b200fbc01c049212be
SHA512

d192f8bcedc9d3712a233ed1cac903b49ffdba3358b797e6ede5c9aaba6857fb1cd1d19574bf3c4780514bd0131cc046bc3101228c0c64cd498431ec02919815
SSDEEP

3072:0DwUrtu45okZxJKlSVcYXFr9pdp2zAkNjtWB/mGeiF8TI5P6x+WJQo:Mpt7OlaXFJpdpofjt4/LaIoJQ

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  f99c3ca8bafccae696a70eceffa98dd3_JaffaCakes118
- Size
  
  188KB
- MD5
  
  f99c3ca8bafccae696a70eceffa98dd3
- SHA1
  
  c79b59276068febec1aa579854e883cd723c007f
- SHA256
  
  289d800ba4ef98a1af9c9752d18e4afc1b690b3e5df421b200fbc01c049212be
- SHA512
  
  d192f8bcedc9d3712a233ed1cac903b49ffdba3358b797e6ede5c9aaba6857fb1cd1d19574bf3c4780514bd0131cc046bc3101228c0c64cd498431ec02919815
- SSDEEP
  
  3072:0DwUrtu45okZxJKlSVcYXFr9pdp2zAkNjtWB/mGeiF8TI5P6x+WJQo:Mpt7OlaXFJpdpofjt4/LaIoJQ
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence