821988576c459355ef685a67f03ab86aa48d5458a407810a9a4f9311e43c83ec | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03552fa35d04367ddd23493cb728040d_JaffaCakes118
Size

17KB
Sample

240620-gem59swfqj
MD5

03552fa35d04367ddd23493cb728040d
SHA1

34e7f98136f1a29bad6caf002edf689e1447a7f0
SHA256

821988576c459355ef685a67f03ab86aa48d5458a407810a9a4f9311e43c83ec
SHA512

75345d093e24da2e0cb83b2d697f7cdb396482c55d1cd28c52cc8c89ff3e415a14d5dd3ef3552c1191b8e9c92b64bbc6a93b983b142b383bcfb3a6c818e8f619
SSDEEP

384:UWKbOz1/BUN75iRIGfHWH6fx92yCCTppaL8yvniE:kOzvA5ilHzfxFCCTpa8WiE

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  03552fa35d04367ddd23493cb728040d_JaffaCakes118
- Size
  
  17KB
- MD5
  
  03552fa35d04367ddd23493cb728040d
- SHA1
  
  34e7f98136f1a29bad6caf002edf689e1447a7f0
- SHA256
  
  821988576c459355ef685a67f03ab86aa48d5458a407810a9a4f9311e43c83ec
- SHA512
  
  75345d093e24da2e0cb83b2d697f7cdb396482c55d1cd28c52cc8c89ff3e415a14d5dd3ef3552c1191b8e9c92b64bbc6a93b983b142b383bcfb3a6c818e8f619
- SSDEEP
  
  384:UWKbOz1/BUN75iRIGfHWH6fx92yCCTppaL8yvniE:kOzvA5ilHzfxFCCTpa8WiE
Score

8^/10

persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2