8d821786b32b70631fa2186d5fcabe3154f50c38820ea4cdbb5a58c84c042dea | Triage

Sharing

General

Target

3fc78719149e041079fc97804d2733e3_JaffaCakes118
Size

145KB
Sample

241013-pckw5azhmp
MD5

3fc78719149e041079fc97804d2733e3
SHA1

343a1999113e150d4abd341a6ed9225676ea34e4
SHA256

8d821786b32b70631fa2186d5fcabe3154f50c38820ea4cdbb5a58c84c042dea
SHA512

5684c112c377b8c29bad870a6f8fb00a9db5bf9ac79a812f01e60aa10f60a83c4b8ce4669f43f01462246eccd35171002bbf9d635d15eaa61c7a836d9257e45c
SSDEEP

3072:2Gu9BlfzWIbXWm+w0J5W5iqTuJNig01WmKnBsB4JlnWEX:2/0uo1EgIWIB4LX

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  3fc78719149e041079fc97804d2733e3_JaffaCakes118
- Size
  
  145KB
- MD5
  
  3fc78719149e041079fc97804d2733e3
- SHA1
  
  343a1999113e150d4abd341a6ed9225676ea34e4
- SHA256
  
  8d821786b32b70631fa2186d5fcabe3154f50c38820ea4cdbb5a58c84c042dea
- SHA512
  
  5684c112c377b8c29bad870a6f8fb00a9db5bf9ac79a812f01e60aa10f60a83c4b8ce4669f43f01462246eccd35171002bbf9d635d15eaa61c7a836d9257e45c
- SSDEEP
  
  3072:2Gu9BlfzWIbXWm+w0J5W5iqTuJNig01WmKnBsB4JlnWEX:2/0uo1EgIWIB4LX
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence