db413ef066d2343a3ffc234074843542d6b463cbe44ef292e0eb7d31ce6613d3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0aecfdf22ef2a94829f593f853cd09ed_JaffaCakes118
Size

714KB
Sample

241002-qxt6zasfla
MD5

0aecfdf22ef2a94829f593f853cd09ed
SHA1

d13ce7d6d1ba14d8aba21a5f075149595730a05e
SHA256

db413ef066d2343a3ffc234074843542d6b463cbe44ef292e0eb7d31ce6613d3
SHA512

f1652300f3cc6e553283bdb268f4570ccc1f81ef3d65273516fcced7d2b63d2f359093dc2aa87e688128d79c582eb7517e9d7b4fdd404dc573403be845846161
SSDEEP

12288:yG+0msW40OZoiMXD+WuDNikChfzKFAtihxzxfs+g8F3Z4mxxR0MHoTAFb2:ySms31o/T+Wu9ChEMarg8QmXRKR

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  0aecfdf22ef2a94829f593f853cd09ed_JaffaCakes118
- Size
  
  714KB
- MD5
  
  0aecfdf22ef2a94829f593f853cd09ed
- SHA1
  
  d13ce7d6d1ba14d8aba21a5f075149595730a05e
- SHA256
  
  db413ef066d2343a3ffc234074843542d6b463cbe44ef292e0eb7d31ce6613d3
- SHA512
  
  f1652300f3cc6e553283bdb268f4570ccc1f81ef3d65273516fcced7d2b63d2f359093dc2aa87e688128d79c582eb7517e9d7b4fdd404dc573403be845846161
- SSDEEP
  
  12288:yG+0msW40OZoiMXD+WuDNikChfzKFAtihxzxfs+g8F3Z4mxxR0MHoTAFb2:ySms31o/T+Wu9ChEMarg8QmXRKR
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence