b274cdb3d9ecba2184ad6e1621214e38ee5e1f15ac8d3e3cdb16c00b44215c3b | Triage

Sharing

General

Target

06b7241aaad5e9dd79d33ce340f2c0b9_JaffaCakes118
Size

236KB
Sample

241001-vydmts1fmq
MD5

06b7241aaad5e9dd79d33ce340f2c0b9
SHA1

79efd1b04d921a8673f908b581a75379cd07bc9b
SHA256

b274cdb3d9ecba2184ad6e1621214e38ee5e1f15ac8d3e3cdb16c00b44215c3b
SHA512

e9b45ee7fcac92d42449f5e63943b0f10ca47eea628b751c4e92494a3db99af08d1d7802830c3f8057f171a9d1e7e571ce4fdba360c1db45c56d7cca124c848f
SSDEEP

1536:Iguo2K86vta10RJQYPIHL+D5IWhxRh/Ci4ucg3/+k5ltr+DRPG8Gz7wk+cQvMe:Go256vS0RJAL+lHPKi40+66iwkD0l

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  06b7241aaad5e9dd79d33ce340f2c0b9_JaffaCakes118
- Size
  
  236KB
- MD5
  
  06b7241aaad5e9dd79d33ce340f2c0b9
- SHA1
  
  79efd1b04d921a8673f908b581a75379cd07bc9b
- SHA256
  
  b274cdb3d9ecba2184ad6e1621214e38ee5e1f15ac8d3e3cdb16c00b44215c3b
- SHA512
  
  e9b45ee7fcac92d42449f5e63943b0f10ca47eea628b751c4e92494a3db99af08d1d7802830c3f8057f171a9d1e7e571ce4fdba360c1db45c56d7cca124c848f
- SSDEEP
  
  1536:Iguo2K86vta10RJQYPIHL+D5IWhxRh/Ci4ucg3/+k5ltr+DRPG8Gz7wk+cQvMe:Go256vS0RJAL+lHPKi40+66iwkD0l
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence