a4ebe8702456763f2331e3beff3cdbc23b2c4087f9b6e00fcea04e6c0bc0b238 | Triage

Sharing

General

Target

JaffaCakes118_98213d5695567131c847160bfc05f13e
Size

674KB
Sample

250204-znz6as1rdt
MD5

98213d5695567131c847160bfc05f13e
SHA1

8db61294e2c10364533f858047c5bb755327a425
SHA256

a4ebe8702456763f2331e3beff3cdbc23b2c4087f9b6e00fcea04e6c0bc0b238
SHA512

5e79743faa6d870e8936bdf86be17156a3bcb53800d0be2ec844bfeabcbf65d2479c479647a30be67ab99c2961a3df1fbd82c419a8ab9be50d8ecdeb5e54f860
SSDEEP

12288:5NAHr5Vnu0rLysASCvrabYNcvCLBtm+M5vTP2d65sUFX0+sHe5dWvF+pYj/6n7no:C7ParV8a5vHH78JG4/yaOsB

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  JaffaCakes118_98213d5695567131c847160bfc05f13e
- Size
  
  674KB
- MD5
  
  98213d5695567131c847160bfc05f13e
- SHA1
  
  8db61294e2c10364533f858047c5bb755327a425
- SHA256
  
  a4ebe8702456763f2331e3beff3cdbc23b2c4087f9b6e00fcea04e6c0bc0b238
- SHA512
  
  5e79743faa6d870e8936bdf86be17156a3bcb53800d0be2ec844bfeabcbf65d2479c479647a30be67ab99c2961a3df1fbd82c419a8ab9be50d8ecdeb5e54f860
- SSDEEP
  
  12288:5NAHr5Vnu0rLysASCvrabYNcvCLBtm+M5vTP2d65sUFX0+sHe5dWvF+pYj/6n7no:C7ParV8a5vHH78JG4/yaOsB
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence