0f973a0af75e1a77775059baf51355da5212c7c42dd42382fa79162993b4667c | Triage

Sharing

General

Target

fd3db6540bfb80c585db1fdd7fae3db5_JaffaCakes118
Size

31KB
Sample

240928-13yrfs1ena
MD5

fd3db6540bfb80c585db1fdd7fae3db5
SHA1

4b4171c6404de88c48f61421d1e8b76a738dcb6b
SHA256

0f973a0af75e1a77775059baf51355da5212c7c42dd42382fa79162993b4667c
SHA512

93bb3e71dbbcc7be9a48d4d9cfa3fcb85ed31de9bcea71ce3a54fbf1c539ac2b725f51ec4e13a41818b0427f4d9ed1b64575515d640eb6a845ff7434661138cf
SSDEEP

768:5Dqbfv+gk6f4Wcgh3KMZ6OhMlJ6zKOlzF17fk:58L1HhjeQz

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  fd3db6540bfb80c585db1fdd7fae3db5_JaffaCakes118
- Size
  
  31KB
- MD5
  
  fd3db6540bfb80c585db1fdd7fae3db5
- SHA1
  
  4b4171c6404de88c48f61421d1e8b76a738dcb6b
- SHA256
  
  0f973a0af75e1a77775059baf51355da5212c7c42dd42382fa79162993b4667c
- SHA512
  
  93bb3e71dbbcc7be9a48d4d9cfa3fcb85ed31de9bcea71ce3a54fbf1c539ac2b725f51ec4e13a41818b0427f4d9ed1b64575515d640eb6a845ff7434661138cf
- SSDEEP
  
  768:5Dqbfv+gk6f4Wcgh3KMZ6OhMlJ6zKOlzF17fk:58L1HhjeQz
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence