9b894e375e381a4db74bdf50059e435add2901193022767717ec8fcd71bbda56 | Triage

Sharing

General

Target

07f3f29eeb7728a9f073f42e13cec4ee_JaffaCakes118
Size

444KB
Sample

241001-3z7w3a1bpa
MD5

07f3f29eeb7728a9f073f42e13cec4ee
SHA1

da7cb0eb9edb5e5506c0ee4c2fe4efbb54e6148b
SHA256

9b894e375e381a4db74bdf50059e435add2901193022767717ec8fcd71bbda56
SHA512

aa95e0df77854735e7d8395ba5eb5e1e7a3a188a92f87e5da039dd79ad363d2f515380a7ef9eb230ed03ad1dd5558467e3fbd101d8b32b3a99dcfdc530352de6
SSDEEP

6144:Qt5rjvFcipzmXQBCgYkkWcS7n6TjE4ukga/lLhYYIB6Rhwq406MQaYDYha6ib3u/:QnXTXYs9KSRZdMUyKqDhrixh8

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  07f3f29eeb7728a9f073f42e13cec4ee_JaffaCakes118
- Size
  
  444KB
- MD5
  
  07f3f29eeb7728a9f073f42e13cec4ee
- SHA1
  
  da7cb0eb9edb5e5506c0ee4c2fe4efbb54e6148b
- SHA256
  
  9b894e375e381a4db74bdf50059e435add2901193022767717ec8fcd71bbda56
- SHA512
  
  aa95e0df77854735e7d8395ba5eb5e1e7a3a188a92f87e5da039dd79ad363d2f515380a7ef9eb230ed03ad1dd5558467e3fbd101d8b32b3a99dcfdc530352de6
- SSDEEP
  
  6144:Qt5rjvFcipzmXQBCgYkkWcS7n6TjE4ukga/lLhYYIB6Rhwq406MQaYDYha6ib3u/:QnXTXYs9KSRZdMUyKqDhrixh8
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence