a9b24019b9a5d27618a38edd3a73e3ee568039ecc8209441e53ec4e8a958b4bc | Triage

Sharing

General

Target

11702dc1e854f96f8a5350954a1a238e_JaffaCakes118
Size

5.5MB
Sample

240504-ena6yscf9y
MD5

11702dc1e854f96f8a5350954a1a238e
SHA1

9fe6d1c6ade3eb2951674940fbfaf39ef4eea046
SHA256

a9b24019b9a5d27618a38edd3a73e3ee568039ecc8209441e53ec4e8a958b4bc
SHA512

f7e3849cab831ce687a0d662b602ac7b03171ba3141267b89e57e5e2410d154802d6e4d8b53ab77de8222fb1d46516be07b12d492dc31874bc98fae9814fbda3
SSDEEP

98304:hlSYJlSyFelPJq6zp/5DLpxC0sGXe6wFNBH/sU7ZpFxBdfNLTLAyRp:fjl/wlxqmp/xLpxCCeXLH/5ZpFxLVUyT

Score

8^/10

execution persistence

Malware Config

Targets

- Target
  
  11702dc1e854f96f8a5350954a1a238e_JaffaCakes118
- Size
  
  5.5MB
- MD5
  
  11702dc1e854f96f8a5350954a1a238e
- SHA1
  
  9fe6d1c6ade3eb2951674940fbfaf39ef4eea046
- SHA256
  
  a9b24019b9a5d27618a38edd3a73e3ee568039ecc8209441e53ec4e8a958b4bc
- SHA512
  
  f7e3849cab831ce687a0d662b602ac7b03171ba3141267b89e57e5e2410d154802d6e4d8b53ab77de8222fb1d46516be07b12d492dc31874bc98fae9814fbda3
- SSDEEP
  
  98304:hlSYJlSyFelPJq6zp/5DLpxC0sGXe6wFNBH/sU7ZpFxBdfNLTLAyRp:fjl/wlxqmp/xLpxCCeXLH/5ZpFxLVUyT
Score

8^/10

execution persistence
- Modifies Installed Components in the registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence

behavioral2

executionpersistence