c553b1c33189e98c02c5d170074269138f6d9e6f922d23ce4f37dd7adf143cba | Triage

Sharing

General

Target

2911a0b22b3c104013caa93c79339bb5_JaffaCakes118
Size

16KB
Sample

241009-crgf2atckp
MD5

2911a0b22b3c104013caa93c79339bb5
SHA1

cc2ca17f6f694c914cefa1b0be9c4425c142ebec
SHA256

c553b1c33189e98c02c5d170074269138f6d9e6f922d23ce4f37dd7adf143cba
SHA512

cbc98bf4bd8d522eed95500d3da0d09f0d9ec70b891690d8d3ef496acc1094de7977b02605bba2924bf4aecf1c8ffdad25d4b68ea46fa19aec5d3a09177fe4f8
SSDEEP

384:+qIxoxSu8JW5VMazYmUhP45UqnmpblQmuFrI33w:+qEMSu8gRCMmcmuW3w

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  2911a0b22b3c104013caa93c79339bb5_JaffaCakes118
- Size
  
  16KB
- MD5
  
  2911a0b22b3c104013caa93c79339bb5
- SHA1
  
  cc2ca17f6f694c914cefa1b0be9c4425c142ebec
- SHA256
  
  c553b1c33189e98c02c5d170074269138f6d9e6f922d23ce4f37dd7adf143cba
- SHA512
  
  cbc98bf4bd8d522eed95500d3da0d09f0d9ec70b891690d8d3ef496acc1094de7977b02605bba2924bf4aecf1c8ffdad25d4b68ea46fa19aec5d3a09177fe4f8
- SSDEEP
  
  384:+qIxoxSu8JW5VMazYmUhP45UqnmpblQmuFrI33w:+qEMSu8gRCMmcmuW3w
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence