f98048455a4ff94b8302ae12da921c8f6ee7d7d599e2e9eb0754adb0ec8787ac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05f1249575ce3939a204a2e5ea76acbf_JaffaCakes118
Size

236KB
Sample

241001-qey27svema
MD5

05f1249575ce3939a204a2e5ea76acbf
SHA1

8fc2b08aaad82c884608bfd073ec898ca1629079
SHA256

f98048455a4ff94b8302ae12da921c8f6ee7d7d599e2e9eb0754adb0ec8787ac
SHA512

91f7e84e3b319919903bfeaf8cbf41d160ee5beab8f9f7677b427edeb73b62a912883f726ecb0fd72e3b2c9de6d9dbf2ad8dfb08cd5471270f04dec7d9062ec6
SSDEEP

1536:1dKaTHN2ymZ0ofa5uQm4V7HG8ldINh+RhFtFftCgpcGO5lPf/XG8GmGwktbM:1Y4tIQG8XAmbFfaGc1fawk1M

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  05f1249575ce3939a204a2e5ea76acbf_JaffaCakes118
- Size
  
  236KB
- MD5
  
  05f1249575ce3939a204a2e5ea76acbf
- SHA1
  
  8fc2b08aaad82c884608bfd073ec898ca1629079
- SHA256
  
  f98048455a4ff94b8302ae12da921c8f6ee7d7d599e2e9eb0754adb0ec8787ac
- SHA512
  
  91f7e84e3b319919903bfeaf8cbf41d160ee5beab8f9f7677b427edeb73b62a912883f726ecb0fd72e3b2c9de6d9dbf2ad8dfb08cd5471270f04dec7d9062ec6
- SSDEEP
  
  1536:1dKaTHN2ymZ0ofa5uQm4V7HG8ldINh+RhFtFftCgpcGO5lPf/XG8GmGwktbM:1Y4tIQG8XAmbFfaGc1fawk1M
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence