9f5e2f8ea23aec596eb881516ee8528fcddb0844fc40235a2ab8433d81d8fea3 | Triage

Sharing

General

Target

JaffaCakes118_70a584da4e8c4e2c1d95b4eb6f912322
Size

381KB
Sample

250313-p19kdsszfy
MD5

70a584da4e8c4e2c1d95b4eb6f912322
SHA1

f72bec9b1922f44b0ff1078102bd14125d803c66
SHA256

9f5e2f8ea23aec596eb881516ee8528fcddb0844fc40235a2ab8433d81d8fea3
SHA512

72046acabfc0d55a2a2ac053239100e0209be98bd108cff8385b62202bccbc05be5551bc0e79fcd01671d706774aceeeb6d70581aada398ce0c0adf1d153c8ed
SSDEEP

6144:CF0GzZSJFXD4nogi3hTnrkqd5bRPXkEOIEY3zuyKzOd+ZmT1P8QSXZTgALWjkELg:CF0GKXD4GTrk45bR80d+ZmihZTgK1ePY

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  JaffaCakes118_70a584da4e8c4e2c1d95b4eb6f912322
- Size
  
  381KB
- MD5
  
  70a584da4e8c4e2c1d95b4eb6f912322
- SHA1
  
  f72bec9b1922f44b0ff1078102bd14125d803c66
- SHA256
  
  9f5e2f8ea23aec596eb881516ee8528fcddb0844fc40235a2ab8433d81d8fea3
- SHA512
  
  72046acabfc0d55a2a2ac053239100e0209be98bd108cff8385b62202bccbc05be5551bc0e79fcd01671d706774aceeeb6d70581aada398ce0c0adf1d153c8ed
- SSDEEP
  
  6144:CF0GzZSJFXD4nogi3hTnrkqd5bRPXkEOIEY3zuyKzOd+ZmT1P8QSXZTgALWjkELg:CF0GKXD4GTrk45bR80d+ZmihZTgK1ePY
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Network Share Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2