06ee807a4476bf575ad67c992ba17f1d23a4de069b377a5be7525a41edcff13b | Triage

Sharing

General

Target

08448646852848257ba5f8a18100cf55_JaffaCakes118
Size

19KB
Sample

240620-v4qvcatdkp
MD5

08448646852848257ba5f8a18100cf55
SHA1

feb14a6fd71330cfe4f39df76d333e73d1a67bbd
SHA256

06ee807a4476bf575ad67c992ba17f1d23a4de069b377a5be7525a41edcff13b
SHA512

e285e223af3274d7db96ba9f472e46828942c12e67e664ed1cfb5a1d373af7d70ee51139d4fd77634f82cdaf282344003bf6facb2fe1705344ed0c251db0132a
SSDEEP

384:muuWSFaWryMUXGOudXPtrLoAzNIoXKmO0SoPF1JEXwtXRoaU4b4J9EeBvGFzoL7A:LYPyheXPtrLJNdK6TkXw0yEJ9Kz2s4yX

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  08448646852848257ba5f8a18100cf55_JaffaCakes118
- Size
  
  19KB
- MD5
  
  08448646852848257ba5f8a18100cf55
- SHA1
  
  feb14a6fd71330cfe4f39df76d333e73d1a67bbd
- SHA256
  
  06ee807a4476bf575ad67c992ba17f1d23a4de069b377a5be7525a41edcff13b
- SHA512
  
  e285e223af3274d7db96ba9f472e46828942c12e67e664ed1cfb5a1d373af7d70ee51139d4fd77634f82cdaf282344003bf6facb2fe1705344ed0c251db0132a
- SSDEEP
  
  384:muuWSFaWryMUXGOudXPtrLoAzNIoXKmO0SoPF1JEXwtXRoaU4b4J9EeBvGFzoL7A:LYPyheXPtrLJNdK6TkXw0yEJ9Kz2s4yX
Score

8^/10

persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2