61a623d56edae4d771687cf0e2aee3ab1572c0accfddbd9787aa94030cd57821 | Triage

Sharing

General

Target

0bba6365b46b673edb004d9c7a70a6d8_JaffaCakes118
Size

34KB
Sample

241002-vrp3aa1ere
MD5

0bba6365b46b673edb004d9c7a70a6d8
SHA1

5e4ffdff22f83a9c5f89874f01bf8a112d43179f
SHA256

61a623d56edae4d771687cf0e2aee3ab1572c0accfddbd9787aa94030cd57821
SHA512

8fab3bd7f901b59dcc6d8a9f4b17aa327d060649327e6a590cf87cb9b64b5829ba21922d62b869e4dfd4b977d7020d7bdb77e3b70f1494f06f117654647aaade
SSDEEP

384:ZLoA0iaVZAywTId+uwDxXED/+1Qc1FyxCsJxqwpatuJ1+YX3R/FqyX24DaadYNMd:toTBwOjwtUa16xzT3Jf2Ca6Wve3PXx

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  0bba6365b46b673edb004d9c7a70a6d8_JaffaCakes118
- Size
  
  34KB
- MD5
  
  0bba6365b46b673edb004d9c7a70a6d8
- SHA1
  
  5e4ffdff22f83a9c5f89874f01bf8a112d43179f
- SHA256
  
  61a623d56edae4d771687cf0e2aee3ab1572c0accfddbd9787aa94030cd57821
- SHA512
  
  8fab3bd7f901b59dcc6d8a9f4b17aa327d060649327e6a590cf87cb9b64b5829ba21922d62b869e4dfd4b977d7020d7bdb77e3b70f1494f06f117654647aaade
- SSDEEP
  
  384:ZLoA0iaVZAywTId+uwDxXED/+1Qc1FyxCsJxqwpatuJ1+YX3R/FqyX24DaadYNMd:toTBwOjwtUa16xzT3Jf2Ca6Wve3PXx
Score

8^/10

discovery persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2