36ad06fe7846617d7b0f0305c317d75b75c9e9e7f79b88388005d3ffdb3859cd | Triage

Sharing

General

Target

ff4afa7d525415c1f772d1cb2716fdfa_JaffaCakes118
Size

25KB
Sample

240929-zd5m2azanj
MD5

ff4afa7d525415c1f772d1cb2716fdfa
SHA1

64bdf2307aa087b17be2ebe609bf0722b15e6d99
SHA256

36ad06fe7846617d7b0f0305c317d75b75c9e9e7f79b88388005d3ffdb3859cd
SHA512

8138e7ff027b87802cb2cb0aa1df68c512834f6593cefa0979b77ac753fe17487fbf0f61d7d2de2a6f385835a3e7726a695bc19bddd61e04ccbe3d02b1914226
SSDEEP

384:D1A1+N+AButJmnIOCfQzDqUflqsrn26QXqc6tknyvsyiC74pHrxYMC1:G1+N+4utJmnIGBNXr2fx6tUyiyP1

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  ff4afa7d525415c1f772d1cb2716fdfa_JaffaCakes118
- Size
  
  25KB
- MD5
  
  ff4afa7d525415c1f772d1cb2716fdfa
- SHA1
  
  64bdf2307aa087b17be2ebe609bf0722b15e6d99
- SHA256
  
  36ad06fe7846617d7b0f0305c317d75b75c9e9e7f79b88388005d3ffdb3859cd
- SHA512
  
  8138e7ff027b87802cb2cb0aa1df68c512834f6593cefa0979b77ac753fe17487fbf0f61d7d2de2a6f385835a3e7726a695bc19bddd61e04ccbe3d02b1914226
- SSDEEP
  
  384:D1A1+N+AButJmnIOCfQzDqUflqsrn26QXqc6tknyvsyiC74pHrxYMC1:G1+N+4utJmnIGBNXr2fx6tUyiyP1
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence