7e94f7bd8ac08182391563fd6586dd46be2c8a9da69d1257ebb0dedf368db583 | Triage

Sharing

General

Target

06251905414e40b3558827457ed25d39_JaffaCakes118
Size

493KB
Sample

241001-rgea9axejg
MD5

06251905414e40b3558827457ed25d39
SHA1

e33b8115b6863e42b0aa8b732720fb986292f0f0
SHA256

7e94f7bd8ac08182391563fd6586dd46be2c8a9da69d1257ebb0dedf368db583
SHA512

569192e8ee46f9cda48f6b7a031dd6e6c3e3132e9cb9d7bcdfafc31f3bff4751d15e9d6c1124a2282bf2ff376b942ea5473b717d1735d8a12fcad2f1bb5f0c92
SSDEEP

12288:gZpAHRYI//Q1HYRy6xmHuaFtn1XLRLvoQoZRAWtKw/PMpsTFM:y+H2GxmPxL6QIr/PMpMM

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  06251905414e40b3558827457ed25d39_JaffaCakes118
- Size
  
  493KB
- MD5
  
  06251905414e40b3558827457ed25d39
- SHA1
  
  e33b8115b6863e42b0aa8b732720fb986292f0f0
- SHA256
  
  7e94f7bd8ac08182391563fd6586dd46be2c8a9da69d1257ebb0dedf368db583
- SHA512
  
  569192e8ee46f9cda48f6b7a031dd6e6c3e3132e9cb9d7bcdfafc31f3bff4751d15e9d6c1124a2282bf2ff376b942ea5473b717d1735d8a12fcad2f1bb5f0c92
- SSDEEP
  
  12288:gZpAHRYI//Q1HYRy6xmHuaFtn1XLRLvoQoZRAWtKw/PMpsTFM:y+H2GxmPxL6QIr/PMpMM
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence