e07432946d2dcbab1ff4dcb2e2bbaa7b1485325ea0a8ac965dee04bcd85990f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00af725c73ab308bbc2a10278ecf388a_JaffaCakes118
Size

31KB
Sample

240930-lp49rasgne
MD5

00af725c73ab308bbc2a10278ecf388a
SHA1

c6c32a94b3b4ffaf1f3d1f0b6fac42d9cbf05eae
SHA256

e07432946d2dcbab1ff4dcb2e2bbaa7b1485325ea0a8ac965dee04bcd85990f5
SHA512

5dbcea95b5d16815728a8cb32fb7d61001a1e1eae32d7a126389e35bfa89b603341f62bec9d572d02e5004b6800bd915ffc40c692cdbd400d4ce634d2f2e8b40
SSDEEP

768:g0zRi/tA1ry7p0yEfMCJ+wBHid1bS2l5gZe5G4sMI/XkEE:2FARyV0y0MxwBCHbS2lG0sMIf3E

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  00af725c73ab308bbc2a10278ecf388a_JaffaCakes118
- Size
  
  31KB
- MD5
  
  00af725c73ab308bbc2a10278ecf388a
- SHA1
  
  c6c32a94b3b4ffaf1f3d1f0b6fac42d9cbf05eae
- SHA256
  
  e07432946d2dcbab1ff4dcb2e2bbaa7b1485325ea0a8ac965dee04bcd85990f5
- SHA512
  
  5dbcea95b5d16815728a8cb32fb7d61001a1e1eae32d7a126389e35bfa89b603341f62bec9d572d02e5004b6800bd915ffc40c692cdbd400d4ce634d2f2e8b40
- SSDEEP
  
  768:g0zRi/tA1ry7p0yEfMCJ+wBHid1bS2l5gZe5G4sMI/XkEE:2FARyV0y0MxwBCHbS2lG0sMIf3E
Score

7^/10

persistence discovery
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence