e40856cb673509340bf824b903a2ddf4448f1c7566118ed82c8eee2653469170 | Triage

Sharing

General

Target

57415b17ff212c62c2d9efa0b31fd774_JaffaCakes118
Size

19KB
Sample

241018-nv472sxflk
MD5

57415b17ff212c62c2d9efa0b31fd774
SHA1

b460669b96a65d64e949211bbf5f0033393725d2
SHA256

e40856cb673509340bf824b903a2ddf4448f1c7566118ed82c8eee2653469170
SHA512

826d90590d6869e308f15dad2fabd2d543ce910a6934b5b21a7de6883f91af92cab59b6b75eba6450407e69d0af49f3568af7f559885b45f1eae86ac0918d224
SSDEEP

384:rUzqfBO/OFVZGRi8Whk8Dre2kj+/hSbpRbzyLA2VPIvdgBPb:AYBOEAW6crXkOhSdpCcW

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  57415b17ff212c62c2d9efa0b31fd774_JaffaCakes118
- Size
  
  19KB
- MD5
  
  57415b17ff212c62c2d9efa0b31fd774
- SHA1
  
  b460669b96a65d64e949211bbf5f0033393725d2
- SHA256
  
  e40856cb673509340bf824b903a2ddf4448f1c7566118ed82c8eee2653469170
- SHA512
  
  826d90590d6869e308f15dad2fabd2d543ce910a6934b5b21a7de6883f91af92cab59b6b75eba6450407e69d0af49f3568af7f559885b45f1eae86ac0918d224
- SSDEEP
  
  384:rUzqfBO/OFVZGRi8Whk8Dre2kj+/hSbpRbzyLA2VPIvdgBPb:AYBOEAW6crXkOhSdpCcW
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence