b2af5d2c0e9e56a42c9a83d1a91b37da1f5b2e263d906a74c58725d34f7cd906 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a75a6c9fc40bdd01435818e761cbcc6_JaffaCakes118
Size

145KB
Sample

240523-k85h7abg43
MD5

6a75a6c9fc40bdd01435818e761cbcc6
SHA1

758743f51724c677b5ce59d52d5292e3522bc0b0
SHA256

b2af5d2c0e9e56a42c9a83d1a91b37da1f5b2e263d906a74c58725d34f7cd906
SHA512

b9fdaffe53e70c98d6bba05007d1ff9b31bf947dbef68cacaf808768e38d7c4591aac93e0298e3724cd18db4b8157a9c2f196f8381993e55567c187b97c2b35d
SSDEEP

3072:jmVW8iTX/3RfldjjXq1+0cxxsWEL02fXcIp08MoepPdw7:aM7jJlRexYTHYZMJdw7

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  6a75a6c9fc40bdd01435818e761cbcc6_JaffaCakes118
- Size
  
  145KB
- MD5
  
  6a75a6c9fc40bdd01435818e761cbcc6
- SHA1
  
  758743f51724c677b5ce59d52d5292e3522bc0b0
- SHA256
  
  b2af5d2c0e9e56a42c9a83d1a91b37da1f5b2e263d906a74c58725d34f7cd906
- SHA512
  
  b9fdaffe53e70c98d6bba05007d1ff9b31bf947dbef68cacaf808768e38d7c4591aac93e0298e3724cd18db4b8157a9c2f196f8381993e55567c187b97c2b35d
- SSDEEP
  
  3072:jmVW8iTX/3RfldjjXq1+0cxxsWEL02fXcIp08MoepPdw7:aM7jJlRexYTHYZMJdw7
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2