deebe28e79cb0172654de638c2a3820d1e1cb10933f2f6893f3d0148dc0b8873 | Triage

Sharing

General

Target

2c4fd23c10b1e8d3000e18fd882d71a7_JaffaCakes118
Size

300KB
Sample

241009-gz6s4s1eka
MD5

2c4fd23c10b1e8d3000e18fd882d71a7
SHA1

edd302183150a63b90a717e238da723732897060
SHA256

deebe28e79cb0172654de638c2a3820d1e1cb10933f2f6893f3d0148dc0b8873
SHA512

182e4e1ef59a9c402bd01dfc3e86515d9efeeb38a7c4cec6a1c11842414ee435aac7ce78c1270ac498962b5f5d12b1db21702bb4425ae1a58794cd135b911e4e
SSDEEP

6144:97Lkj89csZUR7K94iF0iEaKyq+pwHreSNuQwQ9WigN:VLncsZcMxVqCmaSNP6

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  2c4fd23c10b1e8d3000e18fd882d71a7_JaffaCakes118
- Size
  
  300KB
- MD5
  
  2c4fd23c10b1e8d3000e18fd882d71a7
- SHA1
  
  edd302183150a63b90a717e238da723732897060
- SHA256
  
  deebe28e79cb0172654de638c2a3820d1e1cb10933f2f6893f3d0148dc0b8873
- SHA512
  
  182e4e1ef59a9c402bd01dfc3e86515d9efeeb38a7c4cec6a1c11842414ee435aac7ce78c1270ac498962b5f5d12b1db21702bb4425ae1a58794cd135b911e4e
- SSDEEP
  
  6144:97Lkj89csZUR7K94iF0iEaKyq+pwHreSNuQwQ9WigN:VLncsZcMxVqCmaSNP6
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2