0dc3708671d7dd5aa29156fbb0bb55d44a51d25608c52ff3a72de6e4e6981580 | Triage

Sharing

General

Target

178e7712f41e6c38e456a16f2db81ec9_JaffaCakes118
Size

227KB
Sample

240505-n3nv2ahc31
MD5

178e7712f41e6c38e456a16f2db81ec9
SHA1

da38d7a301519bec47752ee6bff74b254df059a7
SHA256

0dc3708671d7dd5aa29156fbb0bb55d44a51d25608c52ff3a72de6e4e6981580
SHA512

23f3e8ecf75f7b2aed77523fe11eca2e55fe3caf3315dd25d1a8645d941236538dbb611edcdd4f0a586c9d9679df104300649d046d2ccea26717c159b0fc41f3
SSDEEP

6144:8EicAkEicAKKJNfTxo2i4Qiza4O7N682m:gc7ctKJ16Gna4Y6i

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  178e7712f41e6c38e456a16f2db81ec9_JaffaCakes118
- Size
  
  227KB
- MD5
  
  178e7712f41e6c38e456a16f2db81ec9
- SHA1
  
  da38d7a301519bec47752ee6bff74b254df059a7
- SHA256
  
  0dc3708671d7dd5aa29156fbb0bb55d44a51d25608c52ff3a72de6e4e6981580
- SHA512
  
  23f3e8ecf75f7b2aed77523fe11eca2e55fe3caf3315dd25d1a8645d941236538dbb611edcdd4f0a586c9d9679df104300649d046d2ccea26717c159b0fc41f3
- SSDEEP
  
  6144:8EicAkEicAKKJNfTxo2i4Qiza4O7N682m:gc7ctKJ16Gna4Y6i
Score

8^/10

persistence
- Sets file execution options in registry
  persistence
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2