5e3a81141588ea1d80cb804e7f82dbbdcae9b555f40887e94399cfb1b58f35a4 | Triage

Sharing

General

Target

29e0c85ef9c62c9d079170c4d66409a9_JaffaCakes118
Size

15KB
Sample

241009-dvc4fstdqh
MD5

29e0c85ef9c62c9d079170c4d66409a9
SHA1

b2c18189ae34fde75c2d39b02e253a24adfa77fe
SHA256

5e3a81141588ea1d80cb804e7f82dbbdcae9b555f40887e94399cfb1b58f35a4
SHA512

5df02af2e064fc0acd3a36dc531f90f07fedb42c46d04ad2edc3918710bb104658ec7cdb44f600f53bcfba7607ead689ab57fe2a490edb197b317997a4c2efa6
SSDEEP

192:NAJ0eUpyrfIGL2aHc60lGSobp735nXTlMM6jAiBRQxIirGFODanx9ZP+CrkgBw:qJBy4HfcbGPbNrMM68zqkgeaxbP+G

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  29e0c85ef9c62c9d079170c4d66409a9_JaffaCakes118
- Size
  
  15KB
- MD5
  
  29e0c85ef9c62c9d079170c4d66409a9
- SHA1
  
  b2c18189ae34fde75c2d39b02e253a24adfa77fe
- SHA256
  
  5e3a81141588ea1d80cb804e7f82dbbdcae9b555f40887e94399cfb1b58f35a4
- SHA512
  
  5df02af2e064fc0acd3a36dc531f90f07fedb42c46d04ad2edc3918710bb104658ec7cdb44f600f53bcfba7607ead689ab57fe2a490edb197b317997a4c2efa6
- SSDEEP
  
  192:NAJ0eUpyrfIGL2aHc60lGSobp735nXTlMM6jAiBRQxIirGFODanx9ZP+CrkgBw:qJBy4HfcbGPbNrMM68zqkgeaxbP+G
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence