88df1b9a0095b38b55b3fdf66719deccad1ef2f8efeaa503cc8d34b69aeae338 | Triage

Sharing

General

Target

JaffaCakes118_72c1ea6b26e9e8aeef68f2721a3557d5
Size

131KB
Sample

250314-bzs95ax1et
MD5

72c1ea6b26e9e8aeef68f2721a3557d5
SHA1

448752b4af4b39552c21f855087cc51c6ef28fcc
SHA256

88df1b9a0095b38b55b3fdf66719deccad1ef2f8efeaa503cc8d34b69aeae338
SHA512

7a19153f96cc16143be5cb08f05795c17cb1f7a35fe886aa87bdb68257f090938fb8d20edae409fb7141ca7fb080e36b7a0e7a4585bc9b7d0214e8ec8fee0bdc
SSDEEP

3072:yGu9BlfzWIbXWm+w0Jp5iwZarcFxO/ImmDChxReco/OU643pEb:y/0uoYQ4bxcWR42

Score

10^/10

google discovery persistence phishing

Malware Config

Targets

- Target
  
  JaffaCakes118_72c1ea6b26e9e8aeef68f2721a3557d5
- Size
  
  131KB
- MD5
  
  72c1ea6b26e9e8aeef68f2721a3557d5
- SHA1
  
  448752b4af4b39552c21f855087cc51c6ef28fcc
- SHA256
  
  88df1b9a0095b38b55b3fdf66719deccad1ef2f8efeaa503cc8d34b69aeae338
- SHA512
  
  7a19153f96cc16143be5cb08f05795c17cb1f7a35fe886aa87bdb68257f090938fb8d20edae409fb7141ca7fb080e36b7a0e7a4585bc9b7d0214e8ec8fee0bdc
- SSDEEP
  
  3072:yGu9BlfzWIbXWm+w0Jp5iwZarcFxO/ImmDChxReco/OU643pEb:y/0uoYQ4bxcWR42
Score

10^/10

google discovery persistence phishing
- Detected google phishing page
  phishing google
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

googlediscoverypersistencephishing

behavioral2

discoverypersistence