b4122443adffc066be97bfeb5283efd4e7a6faea298c3d76e06dc30c17a2b224 | Triage

Sharing

General

Target

04caa9ed0adf7bc0bd95ba6d06745309_JaffaCakes118
Size

241KB
Sample

241001-hv96ea1amd
MD5

04caa9ed0adf7bc0bd95ba6d06745309
SHA1

a61fbeb2704db641d349b33fbcb65c66364052ac
SHA256

b4122443adffc066be97bfeb5283efd4e7a6faea298c3d76e06dc30c17a2b224
SHA512

5c6fe1954c171db648af26f135ce2efed8957cd5f058d23394528dc54991ddc37c4844369fc23f33dc9d1bcced32455235abaf1fb6a692fb872f28d1ebf9adf0
SSDEEP

1536:Uk7o633oUBp9mQKq1y0t/oYo+/lIoviSIh62tGOFzhdGsxLSa5Pwcu5AG0GO7rWp:UJEFp9mQKgt/D/4Z2SzPSoM47rWkEd

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  04caa9ed0adf7bc0bd95ba6d06745309_JaffaCakes118
- Size
  
  241KB
- MD5
  
  04caa9ed0adf7bc0bd95ba6d06745309
- SHA1
  
  a61fbeb2704db641d349b33fbcb65c66364052ac
- SHA256
  
  b4122443adffc066be97bfeb5283efd4e7a6faea298c3d76e06dc30c17a2b224
- SHA512
  
  5c6fe1954c171db648af26f135ce2efed8957cd5f058d23394528dc54991ddc37c4844369fc23f33dc9d1bcced32455235abaf1fb6a692fb872f28d1ebf9adf0
- SSDEEP
  
  1536:Uk7o633oUBp9mQKq1y0t/oYo+/lIoviSIh62tGOFzhdGsxLSa5Pwcu5AG0GO7rWp:UJEFp9mQKgt/D/4Z2SzPSoM47rWkEd
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence