13819108e0ca984ad6e23e27e88a313abaafd8ef0afd641dadb7c4d30d0df361 | Triage

Sharing

General

Target

0cb8f1dc418d723575a0654b7cca4fe4_JaffaCakes118
Size

1.9MB
Sample

240501-ys45dahe96
MD5

0cb8f1dc418d723575a0654b7cca4fe4
SHA1

37f807b39ed19420a3d4337f36ef83d0fd4f3326
SHA256

13819108e0ca984ad6e23e27e88a313abaafd8ef0afd641dadb7c4d30d0df361
SHA512

2b024b0394e75dc28909cd87dcdbc3de432cb69ed633568885cbad14a73edebde672e1ad340e1521437fb253d35a6da342afb3f944f0903513ea763bb328e860
SSDEEP

12288:qZox6QBFWSdKDHwHWq9mVmr/FZatvlwmpJ:5x6BSdK7wx75Za9

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  0cb8f1dc418d723575a0654b7cca4fe4_JaffaCakes118
- Size
  
  1.9MB
- MD5
  
  0cb8f1dc418d723575a0654b7cca4fe4
- SHA1
  
  37f807b39ed19420a3d4337f36ef83d0fd4f3326
- SHA256
  
  13819108e0ca984ad6e23e27e88a313abaafd8ef0afd641dadb7c4d30d0df361
- SHA512
  
  2b024b0394e75dc28909cd87dcdbc3de432cb69ed633568885cbad14a73edebde672e1ad340e1521437fb253d35a6da342afb3f944f0903513ea763bb328e860
- SSDEEP
  
  12288:qZox6QBFWSdKDHwHWq9mVmr/FZatvlwmpJ:5x6BSdK7wx75Za9
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2