0bde7e5a2b136c0733a2cc8a834c41260d79bfb8dea901edf672cd055c6fd802 | Triage

Sharing

General

Target

30219fa7306fba1b6336adeaae4b15d8_JaffaCakes118
Size

127KB
Sample

240510-vkhpmabb42
MD5

30219fa7306fba1b6336adeaae4b15d8
SHA1

a3a7b8415b8919d1db0d1543fa608a03b14f9576
SHA256

0bde7e5a2b136c0733a2cc8a834c41260d79bfb8dea901edf672cd055c6fd802
SHA512

ae717d67c953677ea076f0588b246690d01675def1ff8e0b92a7aefd09089a25bc978109f20dae952f123e943e3687679669f4d27d6abf89c6a4cf9767f4a6fb
SSDEEP

3072:ucaJvW8koHjmX+1+0cxxsWEsJ0ifXcIp08Moeuca6YZ:ucaJuqVxYT52MZMucar

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  30219fa7306fba1b6336adeaae4b15d8_JaffaCakes118
- Size
  
  127KB
- MD5
  
  30219fa7306fba1b6336adeaae4b15d8
- SHA1
  
  a3a7b8415b8919d1db0d1543fa608a03b14f9576
- SHA256
  
  0bde7e5a2b136c0733a2cc8a834c41260d79bfb8dea901edf672cd055c6fd802
- SHA512
  
  ae717d67c953677ea076f0588b246690d01675def1ff8e0b92a7aefd09089a25bc978109f20dae952f123e943e3687679669f4d27d6abf89c6a4cf9767f4a6fb
- SSDEEP
  
  3072:ucaJvW8koHjmX+1+0cxxsWEsJ0ifXcIp08Moeuca6YZ:ucaJuqVxYT52MZMucar
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2