6074e26993a7a28d4527ec78e6dbb2a97711025dc9ee3788057cbe4551f3c105 | Triage

Sharing

General

Target

176f3c4b011b48649d3a655df5b0210f_JaffaCakes118
Size

149KB
Sample

240505-ne863agd7t
MD5

176f3c4b011b48649d3a655df5b0210f
SHA1

cea38112f7148dbd1647acf3bb68da989fffb916
SHA256

6074e26993a7a28d4527ec78e6dbb2a97711025dc9ee3788057cbe4551f3c105
SHA512

28b488fe1b38e391dffd5a049d603b40549b165c413dcc452f8311a92e7e6ef7b767005c032c0263c75f0a331be1c10a8316b2240476491afff1ff07da40f0d5
SSDEEP

3072:ucaJvW8koHjmX+1+0cxxsWEsJ0ifXcIp08MoeTfBkXMAWXDRZdmNHPGt115:ucaJuqVxYT52MZMTpkXM9TRZdTt1f

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  176f3c4b011b48649d3a655df5b0210f_JaffaCakes118
- Size
  
  149KB
- MD5
  
  176f3c4b011b48649d3a655df5b0210f
- SHA1
  
  cea38112f7148dbd1647acf3bb68da989fffb916
- SHA256
  
  6074e26993a7a28d4527ec78e6dbb2a97711025dc9ee3788057cbe4551f3c105
- SHA512
  
  28b488fe1b38e391dffd5a049d603b40549b165c413dcc452f8311a92e7e6ef7b767005c032c0263c75f0a331be1c10a8316b2240476491afff1ff07da40f0d5
- SSDEEP
  
  3072:ucaJvW8koHjmX+1+0cxxsWEsJ0ifXcIp08MoeTfBkXMAWXDRZdmNHPGt115:ucaJuqVxYT52MZMTpkXM9TRZdTt1f
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2