ab19050ce994f71bcbe293dc53a78e8cd055364c7567afcc9d59160158554c71 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

060032f2580e360f63a619313f47cf21_JaffaCakes118
Size

236KB
Sample

241001-qrv63swbkf
MD5

060032f2580e360f63a619313f47cf21
SHA1

61e06d48d6cc7446ab1b45391a203bfd1cec841e
SHA256

ab19050ce994f71bcbe293dc53a78e8cd055364c7567afcc9d59160158554c71
SHA512

013c1aee6e3eb314bffb03fb7f206f82a68fc1417ffe3b582aad3d29d91dbc7ae07c6c863b79ab9939a4ddfb77be564f255e4625ec15c8ba59e91cd1f5ff3f14
SSDEEP

1536:1dKaTHN2ymZ0ofa5uQm4V7HG8ldINh+RhFtFftCgpcGO5lPf/XG8GmGwktby:1Y4tIQG8XAmbFfaGc1fawk1y

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  060032f2580e360f63a619313f47cf21_JaffaCakes118
- Size
  
  236KB
- MD5
  
  060032f2580e360f63a619313f47cf21
- SHA1
  
  61e06d48d6cc7446ab1b45391a203bfd1cec841e
- SHA256
  
  ab19050ce994f71bcbe293dc53a78e8cd055364c7567afcc9d59160158554c71
- SHA512
  
  013c1aee6e3eb314bffb03fb7f206f82a68fc1417ffe3b582aad3d29d91dbc7ae07c6c863b79ab9939a4ddfb77be564f255e4625ec15c8ba59e91cd1f5ff3f14
- SSDEEP
  
  1536:1dKaTHN2ymZ0ofa5uQm4V7HG8ldINh+RhFtFftCgpcGO5lPf/XG8GmGwktby:1Y4tIQG8XAmbFfaGc1fawk1y
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence