d92cfd9bc9c389fc46bb0397e4a542eefb3c32409348b9442e37a6a125743fd6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05eaca2ef70084e57a4a37865ec7eed3_JaffaCakes118
Size

16KB
Sample

241001-qaesrs1bmp
MD5

05eaca2ef70084e57a4a37865ec7eed3
SHA1

2da46f41acd004b6d97ad7eae8cf77bbc9cb52ed
SHA256

d92cfd9bc9c389fc46bb0397e4a542eefb3c32409348b9442e37a6a125743fd6
SHA512

36d7aba09c79e154912bbb8c651e9f9089e754a78b8015022479c622e8c82b38f7c6cd434d6b2ac82917f5e3243c1983a5ec742b57fb4adc85d85191418d955a
SSDEEP

384:1M+dpg819lCHYm7q3dtjYmS41kdBCApAXK6xv4xHBNarSpNokG:1M8pg4CHYC8m941k+ApATxv4LpNok

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  05eaca2ef70084e57a4a37865ec7eed3_JaffaCakes118
- Size
  
  16KB
- MD5
  
  05eaca2ef70084e57a4a37865ec7eed3
- SHA1
  
  2da46f41acd004b6d97ad7eae8cf77bbc9cb52ed
- SHA256
  
  d92cfd9bc9c389fc46bb0397e4a542eefb3c32409348b9442e37a6a125743fd6
- SHA512
  
  36d7aba09c79e154912bbb8c651e9f9089e754a78b8015022479c622e8c82b38f7c6cd434d6b2ac82917f5e3243c1983a5ec742b57fb4adc85d85191418d955a
- SSDEEP
  
  384:1M+dpg819lCHYm7q3dtjYmS41kdBCApAXK6xv4xHBNarSpNokG:1M8pg4CHYC8m941k+ApATxv4LpNok
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence