bcda1369a0c1572930be0c0775e7a9207626d3055639bc97ad2abf331e4b9ee1 | Triage

Sharing

General

Target

0588e34e89c2c09a6b64c64e64c9a125_JaffaCakes118
Size

236KB
Sample

241001-mx6yzszbqh
MD5

0588e34e89c2c09a6b64c64e64c9a125
SHA1

7425fb415b6b595c88352ba5ac7cb666dd1c59a1
SHA256

bcda1369a0c1572930be0c0775e7a9207626d3055639bc97ad2abf331e4b9ee1
SHA512

41e2c2ac1088060c504fa899c3549b013e9004f63f78dd4a6a77c234a79c1add93d567f841230c6db251eb984de35ca42d2f2f64aef287a5d7cd8d0389e75346
SSDEEP

1536:1dKaTHN2ymZ0ofa5uQm4V7HG8ldINh+RhFtFftCgpcGO5lPf/XG8GmGwktbU:1Y4tIQG8XAmbFfaGc1fawk1U

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  0588e34e89c2c09a6b64c64e64c9a125_JaffaCakes118
- Size
  
  236KB
- MD5
  
  0588e34e89c2c09a6b64c64e64c9a125
- SHA1
  
  7425fb415b6b595c88352ba5ac7cb666dd1c59a1
- SHA256
  
  bcda1369a0c1572930be0c0775e7a9207626d3055639bc97ad2abf331e4b9ee1
- SHA512
  
  41e2c2ac1088060c504fa899c3549b013e9004f63f78dd4a6a77c234a79c1add93d567f841230c6db251eb984de35ca42d2f2f64aef287a5d7cd8d0389e75346
- SSDEEP
  
  1536:1dKaTHN2ymZ0ofa5uQm4V7HG8ldINh+RhFtFftCgpcGO5lPf/XG8GmGwktbU:1Y4tIQG8XAmbFfaGc1fawk1U
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence