693b3d9d5f7ef0eb27c7b78dd65da865fa2165bd246663b49c4625b4156eba52 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

005e0be78e2cb97da3a55faf31a60e38_JaffaCakes118
Size

237KB
Sample

240930-j9gm3svdjm
MD5

005e0be78e2cb97da3a55faf31a60e38
SHA1

67742d6af8a97832af23452218d32e3ff63174d3
SHA256

693b3d9d5f7ef0eb27c7b78dd65da865fa2165bd246663b49c4625b4156eba52
SHA512

9d096dbe99f71b82529fae993c77cc6ce42cc2701f7b12d9e33fd7e2f0232cd091722d861d4201f742d870ef8aa897826ea689ec4e77e2bd131ab9d28ed19ced
SSDEEP

1536:cD4b+SfPGwwPzNb6Z++AB5oUwK9qfTfxRlKLHFKwchgH4No7cLgkKwe5klYfG8Gq:cDmPWwWP+OmYwRlKhPcp67xws6iwkhh

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  005e0be78e2cb97da3a55faf31a60e38_JaffaCakes118
- Size
  
  237KB
- MD5
  
  005e0be78e2cb97da3a55faf31a60e38
- SHA1
  
  67742d6af8a97832af23452218d32e3ff63174d3
- SHA256
  
  693b3d9d5f7ef0eb27c7b78dd65da865fa2165bd246663b49c4625b4156eba52
- SHA512
  
  9d096dbe99f71b82529fae993c77cc6ce42cc2701f7b12d9e33fd7e2f0232cd091722d861d4201f742d870ef8aa897826ea689ec4e77e2bd131ab9d28ed19ced
- SSDEEP
  
  1536:cD4b+SfPGwwPzNb6Z++AB5oUwK9qfTfxRlKLHFKwchgH4No7cLgkKwe5klYfG8Gq:cDmPWwWP+OmYwRlKhPcp67xws6iwkhh
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence