ca1bcef0bfc476f240daa7d46a45f88bbdc2282ca7e50edf8eaa18e2cbfec1ef | Triage

Sharing

General

Target

0349ca4db3a1bf9aba3c2ce61d7a9b99_JaffaCakes118
Size

985KB
Sample

240930-z43w5azckc
MD5

0349ca4db3a1bf9aba3c2ce61d7a9b99
SHA1

be4728d61149b6697d93955558851a673c0969d6
SHA256

ca1bcef0bfc476f240daa7d46a45f88bbdc2282ca7e50edf8eaa18e2cbfec1ef
SHA512

0f5ae7049f1529b80688ed7eb6595a8a156ceecf7939c4add746e7979ca29a2faef94d387ce83a7c3f2d5d151dcb4ce442b466e5bbe3522966dd683b10d96d4f
SSDEEP

24576:4w6TLqE6IzA5CIZ7TGHaqPIesbQv8NDjQxUvWXSuyZ:QeEy32B035k32

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  0349ca4db3a1bf9aba3c2ce61d7a9b99_JaffaCakes118
- Size
  
  985KB
- MD5
  
  0349ca4db3a1bf9aba3c2ce61d7a9b99
- SHA1
  
  be4728d61149b6697d93955558851a673c0969d6
- SHA256
  
  ca1bcef0bfc476f240daa7d46a45f88bbdc2282ca7e50edf8eaa18e2cbfec1ef
- SHA512
  
  0f5ae7049f1529b80688ed7eb6595a8a156ceecf7939c4add746e7979ca29a2faef94d387ce83a7c3f2d5d151dcb4ce442b466e5bbe3522966dd683b10d96d4f
- SSDEEP
  
  24576:4w6TLqE6IzA5CIZ7TGHaqPIesbQv8NDjQxUvWXSuyZ:QeEy32B035k32
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence