b4530073224f4784aa35f5ce6cef5dda8355bda49a6e37d6e0178e02fde0db66 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

56ddb3ae0445b157e601f7157bb3e753_JaffaCakes118
Size

206KB
Sample

241018-l81exa1ejg
MD5

56ddb3ae0445b157e601f7157bb3e753
SHA1

636596633a11de92a24025b0cd5bfdf9e344d2c5
SHA256

b4530073224f4784aa35f5ce6cef5dda8355bda49a6e37d6e0178e02fde0db66
SHA512

d564e0c94ae745892ac523f67f690482eaf4b270faf3659c6cced2b111037eb731abdc1db7ccd53a39649da9a6d70cb9c18bd549b9e11796b933c87511d340fc
SSDEEP

6144:QOE0uuVK9uzOLapTiFVfJ/QiNdND1Wk4bH:u0fRoFVR/QiLvW7

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  56ddb3ae0445b157e601f7157bb3e753_JaffaCakes118
- Size
  
  206KB
- MD5
  
  56ddb3ae0445b157e601f7157bb3e753
- SHA1
  
  636596633a11de92a24025b0cd5bfdf9e344d2c5
- SHA256
  
  b4530073224f4784aa35f5ce6cef5dda8355bda49a6e37d6e0178e02fde0db66
- SHA512
  
  d564e0c94ae745892ac523f67f690482eaf4b270faf3659c6cced2b111037eb731abdc1db7ccd53a39649da9a6d70cb9c18bd549b9e11796b933c87511d340fc
- SSDEEP
  
  6144:QOE0uuVK9uzOLapTiFVfJ/QiNdND1Wk4bH:u0fRoFVR/QiLvW7
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2