e4c2da2f5d198e063fb4eb53be4f67bb1d21f4a674ed6aeb7063f336f21e4db3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

378daa30c361a50f5e3bc6c274ea2bb8_JaffaCakes118
Size

236KB
Sample

241012-apq7cawhkp
MD5

378daa30c361a50f5e3bc6c274ea2bb8
SHA1

3fd274b1b788574f9dea8f6ecdf00fa30e55c5ea
SHA256

e4c2da2f5d198e063fb4eb53be4f67bb1d21f4a674ed6aeb7063f336f21e4db3
SHA512

766b2d20496a411e100f7e86423cab7b10f506778a84e7e56d3a43ef78b39c309a24e1592f8fb5cc58ff3f30a90bcafa953383df8faf5f90b418a644e449a735
SSDEEP

3072:SeqmgHwlaazN9U3J+P0wFp+bLrt2wkkIq:+Qj9U3jwO3rt5V

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  378daa30c361a50f5e3bc6c274ea2bb8_JaffaCakes118
- Size
  
  236KB
- MD5
  
  378daa30c361a50f5e3bc6c274ea2bb8
- SHA1
  
  3fd274b1b788574f9dea8f6ecdf00fa30e55c5ea
- SHA256
  
  e4c2da2f5d198e063fb4eb53be4f67bb1d21f4a674ed6aeb7063f336f21e4db3
- SHA512
  
  766b2d20496a411e100f7e86423cab7b10f506778a84e7e56d3a43ef78b39c309a24e1592f8fb5cc58ff3f30a90bcafa953383df8faf5f90b418a644e449a735
- SSDEEP
  
  3072:SeqmgHwlaazN9U3J+P0wFp+bLrt2wkkIq:+Qj9U3jwO3rt5V
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence