175632ea5f75d18a938d2a47c1a949e24471b862c18018360ccc9fa763167218 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3768a0f4934d3d9f907f2002a67b434d_JaffaCakes118
Size

568KB
Sample

241011-3q2zfsvflq
MD5

3768a0f4934d3d9f907f2002a67b434d
SHA1

d61545256415dc2adf3b8a5c54fbd80aa87a3185
SHA256

175632ea5f75d18a938d2a47c1a949e24471b862c18018360ccc9fa763167218
SHA512

12ca1f5bf0c58d2c1b59011d4cb5fb08757e87425900ffa7480f3e79190462ae929e211718b6afb5d05b99efb2f550b29569f01248a4267c93c35898e6723906
SSDEEP

12288:H/2zQdOdhoMW7k7PMe364ta9GaJoAvNBExA2K5agXTRwWFShQ5qsO8fNb:6yk7PMat

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  3768a0f4934d3d9f907f2002a67b434d_JaffaCakes118
- Size
  
  568KB
- MD5
  
  3768a0f4934d3d9f907f2002a67b434d
- SHA1
  
  d61545256415dc2adf3b8a5c54fbd80aa87a3185
- SHA256
  
  175632ea5f75d18a938d2a47c1a949e24471b862c18018360ccc9fa763167218
- SHA512
  
  12ca1f5bf0c58d2c1b59011d4cb5fb08757e87425900ffa7480f3e79190462ae929e211718b6afb5d05b99efb2f550b29569f01248a4267c93c35898e6723906
- SSDEEP
  
  12288:H/2zQdOdhoMW7k7PMe364ta9GaJoAvNBExA2K5agXTRwWFShQ5qsO8fNb:6yk7PMat
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence