63142cd4de2391551048db615c78e2360e10f146b610a10caa9c01421c686efe | Triage

Sharing

General

Target

1493f7df02a11e3cd9c85ac2e0650997_JaffaCakes118
Size

81KB
Sample

240504-1fp6ssca2t
MD5

1493f7df02a11e3cd9c85ac2e0650997
SHA1

6bfa4bef31d77b0af520da09e300fa43fe3b80f9
SHA256

63142cd4de2391551048db615c78e2360e10f146b610a10caa9c01421c686efe
SHA512

7473ac1faae2b7eddd639bb4d767cf780ebe17518cb16e9679be20cba39b2ab50e41cb60d175556e85695688c51b95218df7cdde8bef2317ae8efbf425c3f4f0
SSDEEP

1536:xFqsQSZRzMfmCj/5gXVV66VyUD6CS3f1TqoIM:TnZRzImCr5glVLgUDBk1ue

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  1493f7df02a11e3cd9c85ac2e0650997_JaffaCakes118
- Size
  
  81KB
- MD5
  
  1493f7df02a11e3cd9c85ac2e0650997
- SHA1
  
  6bfa4bef31d77b0af520da09e300fa43fe3b80f9
- SHA256
  
  63142cd4de2391551048db615c78e2360e10f146b610a10caa9c01421c686efe
- SHA512
  
  7473ac1faae2b7eddd639bb4d767cf780ebe17518cb16e9679be20cba39b2ab50e41cb60d175556e85695688c51b95218df7cdde8bef2317ae8efbf425c3f4f0
- SSDEEP
  
  1536:xFqsQSZRzMfmCj/5gXVV66VyUD6CS3f1TqoIM:TnZRzImCr5glVLgUDBk1ue
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Sets service image path in registry
  persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2