e86d7c68db975be2e6c44f58d0f967152a2800f62c1b95fab3a4b21a9f2e238a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fdeb7db30421359974c02257157af277_JaffaCakes118
Size

276KB
Sample

240420-3nmrrade31
MD5

fdeb7db30421359974c02257157af277
SHA1

83c8599428077363fe3290c01d2b22d282bcaeda
SHA256

e86d7c68db975be2e6c44f58d0f967152a2800f62c1b95fab3a4b21a9f2e238a
SHA512

5c0513ae44f1eebc8e7c636c84c2288237bf407ad3983d1f9a0a2f30dd8dcdf4fb18400662e6ac3fe9807aefdd8304a5c967af50384907dee69ddac98f7e068c
SSDEEP

3072:fmPeRSxO5HsP9AduPzePymH7aOfTV5MuXca7YoNppT+ktz9jrUzcI7UvlJmlPuWL:+iSI5H0AGmmObPMuIc13jrZJW+

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  fdeb7db30421359974c02257157af277_JaffaCakes118
- Size
  
  276KB
- MD5
  
  fdeb7db30421359974c02257157af277
- SHA1
  
  83c8599428077363fe3290c01d2b22d282bcaeda
- SHA256
  
  e86d7c68db975be2e6c44f58d0f967152a2800f62c1b95fab3a4b21a9f2e238a
- SHA512
  
  5c0513ae44f1eebc8e7c636c84c2288237bf407ad3983d1f9a0a2f30dd8dcdf4fb18400662e6ac3fe9807aefdd8304a5c967af50384907dee69ddac98f7e068c
- SSDEEP
  
  3072:fmPeRSxO5HsP9AduPzePymH7aOfTV5MuXca7YoNppT+ktz9jrUzcI7UvlJmlPuWL:+iSI5H0AGmmObPMuIc13jrZJW+
Score

8^/10

persistence
- Drops file in Drivers directory
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2