a7c0b3b22c7f5e2500c1ce0ff2d964fcdcfda66e4db6b8bc14973ab315202523 | Triage

Sharing

General

Target

0435241693185d1b93d36f20c8f4fe60_JaffaCakes118
Size

236KB
Sample

241001-d13w3aybkr
MD5

0435241693185d1b93d36f20c8f4fe60
SHA1

304a33e1f261744264ae5f3a17069f39b8bb900a
SHA256

a7c0b3b22c7f5e2500c1ce0ff2d964fcdcfda66e4db6b8bc14973ab315202523
SHA512

05fef24787bc24b37fd30e2c11aee7f11b661c9ffd7d5e6a490ee5fb4b4ec4038674d03a328507f6f4ea9f0ca6cd20de9ac19159f59bba446a0579daa0f6275c
SSDEEP

1536:1dKaTHN2ymZ0ofa5uQm4V7HG8ldINh+RhFtFftCgpcGO5lPf/XG8GmGwktb0:1Y4tIQG8XAmbFfaGc1fawk10

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  0435241693185d1b93d36f20c8f4fe60_JaffaCakes118
- Size
  
  236KB
- MD5
  
  0435241693185d1b93d36f20c8f4fe60
- SHA1
  
  304a33e1f261744264ae5f3a17069f39b8bb900a
- SHA256
  
  a7c0b3b22c7f5e2500c1ce0ff2d964fcdcfda66e4db6b8bc14973ab315202523
- SHA512
  
  05fef24787bc24b37fd30e2c11aee7f11b661c9ffd7d5e6a490ee5fb4b4ec4038674d03a328507f6f4ea9f0ca6cd20de9ac19159f59bba446a0579daa0f6275c
- SSDEEP
  
  1536:1dKaTHN2ymZ0ofa5uQm4V7HG8ldINh+RhFtFftCgpcGO5lPf/XG8GmGwktb0:1Y4tIQG8XAmbFfaGc1fawk10
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence