a6c35c9873c75fc8550e7acc707f08c57ea348cb165281e7a8721bf7ca633582 | Triage

Sharing

General

Target

045b506cb6fba791aff66d3ce9dc8420_JaffaCakes118
Size

236KB
Sample

241001-ez1wrazgmr
MD5

045b506cb6fba791aff66d3ce9dc8420
SHA1

555c4e9ea233b8c735efec1727ed46ba3f566eca
SHA256

a6c35c9873c75fc8550e7acc707f08c57ea348cb165281e7a8721bf7ca633582
SHA512

f3deef609a1ff4c4b15fd8c909cf3d3139ae74faefaea9b6cda3e4a38731abb35359e481574776abba680a30290951e331ec5311cdb80b9438aed4bf5937a3f9
SSDEEP

3072:SeqmgHwlaazN9U3J+P0wFp+bLrt2wkkI6:+Qj9U3jwO3rt5R

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  045b506cb6fba791aff66d3ce9dc8420_JaffaCakes118
- Size
  
  236KB
- MD5
  
  045b506cb6fba791aff66d3ce9dc8420
- SHA1
  
  555c4e9ea233b8c735efec1727ed46ba3f566eca
- SHA256
  
  a6c35c9873c75fc8550e7acc707f08c57ea348cb165281e7a8721bf7ca633582
- SHA512
  
  f3deef609a1ff4c4b15fd8c909cf3d3139ae74faefaea9b6cda3e4a38731abb35359e481574776abba680a30290951e331ec5311cdb80b9438aed4bf5937a3f9
- SSDEEP
  
  3072:SeqmgHwlaazN9U3J+P0wFp+bLrt2wkkI6:+Qj9U3jwO3rt5R
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence