38e40503934469a92b322f085dc8de17447f3601d1035f2a5f30c13c55684266 | Triage

Sharing

General

Target

ed56427fddd6211c6686cf5a8dd784d2_JaffaCakes118
Size

4.0MB
Sample

240411-ntrkkadh2z
MD5

ed56427fddd6211c6686cf5a8dd784d2
SHA1

43bd4947813937a330e1bc44ef7a38b587ee71aa
SHA256

38e40503934469a92b322f085dc8de17447f3601d1035f2a5f30c13c55684266
SHA512

d57e1b982ab6ec4805315b45a59ce573bd777536ec4a61042e2774a5d64c69b838744ff0c90bdaf83d0176e94754b2b29490911dc4ab8bca350524b5b27f03d8
SSDEEP

98304:R5a9CpQUPPxb6eiGdAem5qaVGMEjcwRcTRgRsp1sv1uA:R5Bp3JueiqAemDGMycwRcTqC7A

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ed56427fddd6211c6686cf5a8dd784d2_JaffaCakes118
- Size
  
  4.0MB
- MD5
  
  ed56427fddd6211c6686cf5a8dd784d2
- SHA1
  
  43bd4947813937a330e1bc44ef7a38b587ee71aa
- SHA256
  
  38e40503934469a92b322f085dc8de17447f3601d1035f2a5f30c13c55684266
- SHA512
  
  d57e1b982ab6ec4805315b45a59ce573bd777536ec4a61042e2774a5d64c69b838744ff0c90bdaf83d0176e94754b2b29490911dc4ab8bca350524b5b27f03d8
- SSDEEP
  
  98304:R5a9CpQUPPxb6eiGdAem5qaVGMEjcwRcTRgRsp1sv1uA:R5Bp3JueiqAemDGMycwRcTqC7A
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2