0a33e02c2cf35dc3d2a7404bebcc20080fe00876b92509464ba64302ae3d5239 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06bf28afb24066ddb543d633e4bc441b_JaffaCakes118
Size

335KB
Sample

241001-v5l8jswama
MD5

06bf28afb24066ddb543d633e4bc441b
SHA1

dca692fb1b0752a53c9c31bdea7c8e9e004e9d37
SHA256

0a33e02c2cf35dc3d2a7404bebcc20080fe00876b92509464ba64302ae3d5239
SHA512

a21df423a6c18cb1662eef28619886eff08d53c63ce180ca9313fbf9aa5a2adb632178035e530a26519877b5897fc32b07a13bbb5ef0d4bb522d0c77f67e40e9
SSDEEP

6144:DBj6B6kP/KRvA9HmNR92bIjLxPTYra385tnDzeO+SsZPqXhEWw3g/r3IDhIDsWCx:s6kPIA9mR9jXZkznXL+C7l/fIX6cgD0

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  06bf28afb24066ddb543d633e4bc441b_JaffaCakes118
- Size
  
  335KB
- MD5
  
  06bf28afb24066ddb543d633e4bc441b
- SHA1
  
  dca692fb1b0752a53c9c31bdea7c8e9e004e9d37
- SHA256
  
  0a33e02c2cf35dc3d2a7404bebcc20080fe00876b92509464ba64302ae3d5239
- SHA512
  
  a21df423a6c18cb1662eef28619886eff08d53c63ce180ca9313fbf9aa5a2adb632178035e530a26519877b5897fc32b07a13bbb5ef0d4bb522d0c77f67e40e9
- SSDEEP
  
  6144:DBj6B6kP/KRvA9HmNR92bIjLxPTYra385tnDzeO+SsZPqXhEWw3g/r3IDhIDsWCx:s6kPIA9mR9jXZkznXL+C7l/fIX6cgD0
Score

8^/10

discovery persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2