7ee2fbb3c404fad2eefd2c258ce7fd27aefb534d82422d2d96bf838b1f15d16d | Triage

Sharing

General

Target

00de6857eea9c7e0c9f3fe97898d2be7_JaffaCakes118
Size

230KB
Sample

240930-mkqq8szflp
MD5

00de6857eea9c7e0c9f3fe97898d2be7
SHA1

02357ce6b1419ccabb84279d4bd3a880202b1778
SHA256

7ee2fbb3c404fad2eefd2c258ce7fd27aefb534d82422d2d96bf838b1f15d16d
SHA512

f5ff63cc1d8c20e523c44de6f4ad06c9402360fb4a898ee14213a435a01f13217aa44787de13a18f6caa478d575fef1dc60f8227218ebde461e27ac5f604db8d
SSDEEP

1536:QiaVnouSu4CU7XZfjPcj/NMC2PhBRX99m+g9Vxm5dZZpQCLWGUGowkTEI/M:VioFCUrJcj/uC2b9+x0Jq8uwkQI0

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  00de6857eea9c7e0c9f3fe97898d2be7_JaffaCakes118
- Size
  
  230KB
- MD5
  
  00de6857eea9c7e0c9f3fe97898d2be7
- SHA1
  
  02357ce6b1419ccabb84279d4bd3a880202b1778
- SHA256
  
  7ee2fbb3c404fad2eefd2c258ce7fd27aefb534d82422d2d96bf838b1f15d16d
- SHA512
  
  f5ff63cc1d8c20e523c44de6f4ad06c9402360fb4a898ee14213a435a01f13217aa44787de13a18f6caa478d575fef1dc60f8227218ebde461e27ac5f604db8d
- SSDEEP
  
  1536:QiaVnouSu4CU7XZfjPcj/NMC2PhBRX99m+g9Vxm5dZZpQCLWGUGowkTEI/M:VioFCUrJcj/uC2b9+x0Jq8uwkQI0
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence