b66d4574ab04714c7e616fe622fe8f31a3978cb790f8b8d1bd821e92c356a106 | Triage

Sharing

General

Target

0115629224b4d4f0c7d1e440d02af9f4_JaffaCakes118
Size

237KB
Sample

240930-nk5e3axbqc
MD5

0115629224b4d4f0c7d1e440d02af9f4
SHA1

c152dfc6641c6541b7e33a7979dddb37c87703a7
SHA256

b66d4574ab04714c7e616fe622fe8f31a3978cb790f8b8d1bd821e92c356a106
SHA512

69d2c5828d391f5dd1a3b7aebb0874a3eda1a6637c284ab9aa18ff41123b042f3bf6a58c7f1b12277aa33a1d82239f8db15f4fd0925b9a01f9f70717f055b8c8
SSDEEP

3072:pLbjDwVMMoCI5S6/ChArh2cm2MjaxgKENwk+T:pjEVMMoC0/ChAFmj2e3ET

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  0115629224b4d4f0c7d1e440d02af9f4_JaffaCakes118
- Size
  
  237KB
- MD5
  
  0115629224b4d4f0c7d1e440d02af9f4
- SHA1
  
  c152dfc6641c6541b7e33a7979dddb37c87703a7
- SHA256
  
  b66d4574ab04714c7e616fe622fe8f31a3978cb790f8b8d1bd821e92c356a106
- SHA512
  
  69d2c5828d391f5dd1a3b7aebb0874a3eda1a6637c284ab9aa18ff41123b042f3bf6a58c7f1b12277aa33a1d82239f8db15f4fd0925b9a01f9f70717f055b8c8
- SSDEEP
  
  3072:pLbjDwVMMoCI5S6/ChArh2cm2MjaxgKENwk+T:pjEVMMoC0/ChAFmj2e3ET
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence