e60f3f55694b6e79210f7a0d050232ba4856e7e09512437c38a49f976bf89879 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

398262606ee6c39c56aeb6499619cc62_JaffaCakes118
Size

1.1MB
Sample

241012-mexmlazfqn
MD5

398262606ee6c39c56aeb6499619cc62
SHA1

b7b21addbc5a59d113463db623c25a84885c70f1
SHA256

e60f3f55694b6e79210f7a0d050232ba4856e7e09512437c38a49f976bf89879
SHA512

8bbfe243a2e099f191844f35a51f99e76b50485af4580d94cf7a01bb2109d2d4ee54b283ddfcab3425a864d72b8a3fc2e2721b6c7cf4bf87fff6446efa947843
SSDEEP

24576:NTfnHuqt0zMW20TMfNTtHLjyYtSCnSP82/XIXrQiCPX1wkeqy:5t0zOA2NTp4P1M8rb

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  398262606ee6c39c56aeb6499619cc62_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  398262606ee6c39c56aeb6499619cc62
- SHA1
  
  b7b21addbc5a59d113463db623c25a84885c70f1
- SHA256
  
  e60f3f55694b6e79210f7a0d050232ba4856e7e09512437c38a49f976bf89879
- SHA512
  
  8bbfe243a2e099f191844f35a51f99e76b50485af4580d94cf7a01bb2109d2d4ee54b283ddfcab3425a864d72b8a3fc2e2721b6c7cf4bf87fff6446efa947843
- SSDEEP
  
  24576:NTfnHuqt0zMW20TMfNTtHLjyYtSCnSP82/XIXrQiCPX1wkeqy:5t0zOA2NTp4P1M8rb
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence