8831a010001a75278392466476405a8df640db0f9dd0c16f2ab2573c163043a8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3848cfe0323c7d0c0b387da1cd4288e3_JaffaCakes118
Size

215KB
Sample

241012-d97xda1fne
MD5

3848cfe0323c7d0c0b387da1cd4288e3
SHA1

771f625eff6c6a2c4c0811c89397c8c4457c86ea
SHA256

8831a010001a75278392466476405a8df640db0f9dd0c16f2ab2573c163043a8
SHA512

cff61970cb51cb734e51c695bc0fbb9c32383ace2a521517262692fc7e3305e7106cea3d6984ff9e6fe660ab20702d3c263248b6d8d4d1be041c84e276c4f748
SSDEEP

3072:i2zyp8caP5sqvUd0EuoBtLM4GzsX12vQTDdfON9YJbF0c1ZG7CO1zO6KIgaIm95:bzIpo1Ud0EuktLwiDdEcBU7ZC6VgaIm

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  3848cfe0323c7d0c0b387da1cd4288e3_JaffaCakes118
- Size
  
  215KB
- MD5
  
  3848cfe0323c7d0c0b387da1cd4288e3
- SHA1
  
  771f625eff6c6a2c4c0811c89397c8c4457c86ea
- SHA256
  
  8831a010001a75278392466476405a8df640db0f9dd0c16f2ab2573c163043a8
- SHA512
  
  cff61970cb51cb734e51c695bc0fbb9c32383ace2a521517262692fc7e3305e7106cea3d6984ff9e6fe660ab20702d3c263248b6d8d4d1be041c84e276c4f748
- SSDEEP
  
  3072:i2zyp8caP5sqvUd0EuoBtLM4GzsX12vQTDdfON9YJbF0c1ZG7CO1zO6KIgaIm95:bzIpo1Ud0EuktLwiDdEcBU7ZC6VgaIm
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2