53b8d281077d8a8ecc79a3217c6e9633f1e5d96e6375e2cf292bd8ca17dcc13b | Triage

Sharing

General

Target

16f30e08a23731959a7d5c93a99bf25e_JaffaCakes118
Size

19.5MB
Sample

241005-kfmgxavhpn
MD5

16f30e08a23731959a7d5c93a99bf25e
SHA1

c6e1a5622eb33f54e3096e6780db0bbccdf18a43
SHA256

53b8d281077d8a8ecc79a3217c6e9633f1e5d96e6375e2cf292bd8ca17dcc13b
SHA512

7769b914f03cf90549176ea0a475441a9b7a32b4ac0efc410105e8cca94917db56269b2832c7e7df147630b02196349b1715237a24305c26611f81b5cb971068
SSDEEP

393216:r/v3Wof06CYuF24oyUrDv+qcLYh1xSL7kx010yDm8cu/Z:r/vmocZGyab1x3x008/Z

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  Docklight.v1.9.21/Docklight.v1.9.21_setup.exe
- Size
  
  38.0MB
- MD5
  
  7174690c3be785ad79e2d8260febff79
- SHA1
  
  d1134571ed3ac91da130e5c11765eb2ed7d29865
- SHA256
  
  42b18379c5e638184ed4a8fda01926eaa0583ab0a4a37f42c995fe18cb64b93b
- SHA512
  
  d0b4f8a47f8f486d7edffa059a1c86563680264f99776a0c7f2f275e1a07128bf88bcdc9c3a71900721923effe1bd2c963367040e206e1efd080b57e1280caba
- SSDEEP
  
  786432:YSmXO8MHAyltfQktxY23oHzOkSBf3OOw9:lm+86tfQuxCikW/O5
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence