622dcfa9e863b1ad9e41c3bc9275fb25b8873d183e360e40aba41b4f65f2ef59 | Triage

Sharing

General

Target

f9f210e2f9f58ed9052aa612f4e492b9_JaffaCakes118
Size

47KB
Sample

240419-kr464aea9z
MD5

f9f210e2f9f58ed9052aa612f4e492b9
SHA1

0c69bc4da801849ef19c28a8ebabffec919bab6f
SHA256

622dcfa9e863b1ad9e41c3bc9275fb25b8873d183e360e40aba41b4f65f2ef59
SHA512

61d85320965ad01d1e6665e5833ce0f9d81a82326180a291b8ffa4e9ac5b354da098c79fd75b5e2ede211bebbe77f4e5adfa8c8689098e2ba8f4dae374966553
SSDEEP

768:ClHGpwAO9Ix5Lnh92HY/5/NJlFd1VqGCZdbK/:2HGWAAIx5Lb2+/NJlz12g

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  f9f210e2f9f58ed9052aa612f4e492b9_JaffaCakes118
- Size
  
  47KB
- MD5
  
  f9f210e2f9f58ed9052aa612f4e492b9
- SHA1
  
  0c69bc4da801849ef19c28a8ebabffec919bab6f
- SHA256
  
  622dcfa9e863b1ad9e41c3bc9275fb25b8873d183e360e40aba41b4f65f2ef59
- SHA512
  
  61d85320965ad01d1e6665e5833ce0f9d81a82326180a291b8ffa4e9ac5b354da098c79fd75b5e2ede211bebbe77f4e5adfa8c8689098e2ba8f4dae374966553
- SSDEEP
  
  768:ClHGpwAO9Ix5Lnh92HY/5/NJlFd1VqGCZdbK/:2HGWAAIx5Lb2+/NJlz12g
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2