ddc9ab7b4466875ad9199a06c395681975ffe81c4ff9ee0e3fefe33b60c9f545 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06396a905c550b2fbcc5294a3adc4a70_JaffaCakes118
Size

236KB
Sample

241001-r1kmdavbll
MD5

06396a905c550b2fbcc5294a3adc4a70
SHA1

cc662f45bd16fa98dff338e60ff8129da03ef830
SHA256

ddc9ab7b4466875ad9199a06c395681975ffe81c4ff9ee0e3fefe33b60c9f545
SHA512

29ac969f0062ef4263f29c78bef53f3d7b3504fc57596c09641d454e15c24f7b8cabae73a13b50b77adb70199b8b4a1c147282ccc2bfaa409e3782f07caaba96
SSDEEP

1536:Iguo2K86vta10RJQYPIHL+D5IWhxRh/Ci4ucg3/+k5ltr+DRPG8Gz7wk+cQvMT:Go256vS0RJAL+lHPKi40+66iwkD0M

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  06396a905c550b2fbcc5294a3adc4a70_JaffaCakes118
- Size
  
  236KB
- MD5
  
  06396a905c550b2fbcc5294a3adc4a70
- SHA1
  
  cc662f45bd16fa98dff338e60ff8129da03ef830
- SHA256
  
  ddc9ab7b4466875ad9199a06c395681975ffe81c4ff9ee0e3fefe33b60c9f545
- SHA512
  
  29ac969f0062ef4263f29c78bef53f3d7b3504fc57596c09641d454e15c24f7b8cabae73a13b50b77adb70199b8b4a1c147282ccc2bfaa409e3782f07caaba96
- SSDEEP
  
  1536:Iguo2K86vta10RJQYPIHL+D5IWhxRh/Ci4ucg3/+k5ltr+DRPG8Gz7wk+cQvMT:Go256vS0RJAL+lHPKi40+66iwkD0M
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence