a24c6474964a1507fba7f91f4caefc92d74bb428103730ae87877914810700d2 | Triage

Sharing

General

Target

043af7bb9444dae4085c8e6e3b040d9e_JaffaCakes118
Size

236KB
Sample

241001-d6zftsydkl
MD5

043af7bb9444dae4085c8e6e3b040d9e
SHA1

395536ff3ca4e654934f887699952d81172b93f5
SHA256

a24c6474964a1507fba7f91f4caefc92d74bb428103730ae87877914810700d2
SHA512

d90ed5bea49777631437b45bd6c656492d617341a893af993c1756a51be765591c398c6a322bf4dc63ddee5dd2e6f4735889e984f75dcaea24f47ac9dfeb4f07
SSDEEP

1536:1dKaTHN2ymZ0ofa5uQm4V7HG8ldINh+RhFtFftCgpcGO5lPf/XG8GmGwktbf:1Y4tIQG8XAmbFfaGc1fawk1f

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  043af7bb9444dae4085c8e6e3b040d9e_JaffaCakes118
- Size
  
  236KB
- MD5
  
  043af7bb9444dae4085c8e6e3b040d9e
- SHA1
  
  395536ff3ca4e654934f887699952d81172b93f5
- SHA256
  
  a24c6474964a1507fba7f91f4caefc92d74bb428103730ae87877914810700d2
- SHA512
  
  d90ed5bea49777631437b45bd6c656492d617341a893af993c1756a51be765591c398c6a322bf4dc63ddee5dd2e6f4735889e984f75dcaea24f47ac9dfeb4f07
- SSDEEP
  
  1536:1dKaTHN2ymZ0ofa5uQm4V7HG8ldINh+RhFtFftCgpcGO5lPf/XG8GmGwktbf:1Y4tIQG8XAmbFfaGc1fawk1f
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence