14a3bed2f9d5bb9d0b903cdbe9e621951b810d2de98da758b1ff2dd496397ef9 | Triage

Sharing

General

Target

JaffaCakes118_e267d44d777a895484903cf102497947
Size

231KB
Sample

250120-kzxf8asjbj
MD5

e267d44d777a895484903cf102497947
SHA1

8f0f2060345ab4c133f928d334e4d6efca1211c6
SHA256

14a3bed2f9d5bb9d0b903cdbe9e621951b810d2de98da758b1ff2dd496397ef9
SHA512

8b4b0287ebc10d6082da4075ce6da14ac3e751f3e34300d81410732a3ff617ee616e6e3f5ab1d38498863b236fa2b89e300b7a58a3a3217f167e3850a0a32209
SSDEEP

3072:zysX0WxnWd/IkmL+PViEbmzwtz/wk8YWbP:mskd/IkmuVfyWdMP

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  JaffaCakes118_e267d44d777a895484903cf102497947
- Size
  
  231KB
- MD5
  
  e267d44d777a895484903cf102497947
- SHA1
  
  8f0f2060345ab4c133f928d334e4d6efca1211c6
- SHA256
  
  14a3bed2f9d5bb9d0b903cdbe9e621951b810d2de98da758b1ff2dd496397ef9
- SHA512
  
  8b4b0287ebc10d6082da4075ce6da14ac3e751f3e34300d81410732a3ff617ee616e6e3f5ab1d38498863b236fa2b89e300b7a58a3a3217f167e3850a0a32209
- SSDEEP
  
  3072:zysX0WxnWd/IkmL+PViEbmzwtz/wk8YWbP:mskd/IkmuVfyWdMP
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence