bf9080cd5bebe5a74497bcf9e8d881fbb240a3c314b8a474a24f859b1e2acf27 | Triage

Sharing

General

Target

48840e75e64b02bf18673f76b1fc8099_JaffaCakes118
Size

171KB
Sample

240515-3a3k2shc3z
MD5

48840e75e64b02bf18673f76b1fc8099
SHA1

09daa48ca115def70eb17711cc39d5941e899f3a
SHA256

bf9080cd5bebe5a74497bcf9e8d881fbb240a3c314b8a474a24f859b1e2acf27
SHA512

ff6a002d388a6fca20663fc9d3143d0fecf17198ca9a810a35e1f9d17e4292c2653d4b883940793271b4f1a6fd0af142a5fb6ded9587b9966ebe0b035d15a7bc
SSDEEP

3072:ViyJwUtg9AHnOSrHGwtE/BVgshWjte4Yz7Js707xJJyBfhhdzg2WAA:dtJHnOSgSDW7Jso7xJJyHhrA

Score

8^/10

Malware Config

Targets

- Target
  
  48840e75e64b02bf18673f76b1fc8099_JaffaCakes118
- Size
  
  171KB
- MD5
  
  48840e75e64b02bf18673f76b1fc8099
- SHA1
  
  09daa48ca115def70eb17711cc39d5941e899f3a
- SHA256
  
  bf9080cd5bebe5a74497bcf9e8d881fbb240a3c314b8a474a24f859b1e2acf27
- SHA512
  
  ff6a002d388a6fca20663fc9d3143d0fecf17198ca9a810a35e1f9d17e4292c2653d4b883940793271b4f1a6fd0af142a5fb6ded9587b9966ebe0b035d15a7bc
- SSDEEP
  
  3072:ViyJwUtg9AHnOSrHGwtE/BVgshWjte4Yz7Js707xJJyBfhhdzg2WAA:dtJHnOSgSDW7Jso7xJJyHhrA
Score

8^/10
- Manipulates Digital Signatures
  Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

SIP and Trust Provider Hijacking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2