1447a4805049163e80971936e33c88210a1878da3536cdf34694e26292283ade | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0617ac99b5b9a085f041b7c4876051e3_JaffaCakes118
Size

233KB
Sample

240620-py6qqaxhjc
MD5

0617ac99b5b9a085f041b7c4876051e3
SHA1

534775d3d6e5968a183dbf7ffb83d00775d76fc6
SHA256

1447a4805049163e80971936e33c88210a1878da3536cdf34694e26292283ade
SHA512

39276126baf7f57eca2f1e4754730aa457f644e811e3b1ede964f037aa55b2f075b6e8ec872cd631ba8c498c8cd41663476e7a2c7f990fd2fa1a0b63f94c1a61
SSDEEP

3072:oq44+GAr0KFV78ioFq9YNvSD/2dP15lCPZ3k/Bw8lx3dQYo6BHO7vhQHSNtPtC9L:r/whCslsRCRKnyYo6pO7pfJtCuLL4D

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  0617ac99b5b9a085f041b7c4876051e3_JaffaCakes118
- Size
  
  233KB
- MD5
  
  0617ac99b5b9a085f041b7c4876051e3
- SHA1
  
  534775d3d6e5968a183dbf7ffb83d00775d76fc6
- SHA256
  
  1447a4805049163e80971936e33c88210a1878da3536cdf34694e26292283ade
- SHA512
  
  39276126baf7f57eca2f1e4754730aa457f644e811e3b1ede964f037aa55b2f075b6e8ec872cd631ba8c498c8cd41663476e7a2c7f990fd2fa1a0b63f94c1a61
- SSDEEP
  
  3072:oq44+GAr0KFV78ioFq9YNvSD/2dP15lCPZ3k/Bw8lx3dQYo6BHO7vhQHSNtPtC9L:r/whCslsRCRKnyYo6pO7pfJtCuLL4D
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2