60eaa44d8cf4a907c6afe5c32872ed04baf80b90a8e5ad017a7b1a6e89fa84f1 | Triage

Sharing

General

Target

083568d535ca89b9c978b02c1cadb0ce_JaffaCakes118
Size

2.7MB
Sample

241002-bmcrlszcpm
MD5

083568d535ca89b9c978b02c1cadb0ce
SHA1

2b06d2af4b658b13a721f23daf0ec9fe1c4bd6fa
SHA256

60eaa44d8cf4a907c6afe5c32872ed04baf80b90a8e5ad017a7b1a6e89fa84f1
SHA512

cc89560fef9ac7d25e983e44539ab538ee99d5f4fb2245b948869b692e2b5f47b7efc37a9c3aebaebe86e23d0dadb85be4a0a852dd2ba70aca915323372bf8a0
SSDEEP

3072:axOUTXIspizAnu4OROGvwB16YYPEzTJu1Lqc:axOUTXIsbHGvwBwZczuLH

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  083568d535ca89b9c978b02c1cadb0ce_JaffaCakes118
- Size
  
  2.7MB
- MD5
  
  083568d535ca89b9c978b02c1cadb0ce
- SHA1
  
  2b06d2af4b658b13a721f23daf0ec9fe1c4bd6fa
- SHA256
  
  60eaa44d8cf4a907c6afe5c32872ed04baf80b90a8e5ad017a7b1a6e89fa84f1
- SHA512
  
  cc89560fef9ac7d25e983e44539ab538ee99d5f4fb2245b948869b692e2b5f47b7efc37a9c3aebaebe86e23d0dadb85be4a0a852dd2ba70aca915323372bf8a0
- SSDEEP
  
  3072:axOUTXIspizAnu4OROGvwB16YYPEzTJu1Lqc:axOUTXIsbHGvwBwZczuLH
Score

8^/10

discovery persistence
- Blocklisted process makes network request
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence