f5c20103421eede28403041e64901e7ced90490572676887b623c166e528183d | Triage

Sharing

General

Target

0867fb3f964b7b6562c6b6426e5a6875_JaffaCakes118
Size

197KB
Sample

240620-whhsaazeqh
MD5

0867fb3f964b7b6562c6b6426e5a6875
SHA1

c0df6a4997a72134dfaf9f9c5dddf4b85081889c
SHA256

f5c20103421eede28403041e64901e7ced90490572676887b623c166e528183d
SHA512

1e3d3b5c6e18f6980979a794bfc4eed96ff72e94eae35ef72169e892bf134441163f9da642cb6d4666310d928eead23ae3f9cc9cddfa0bef90aff807f15cb878
SSDEEP

3072:S4Grt1OnsS8QBnLUheEVO5AWKWvKDMww+rvIJvZoXhm+2ea57oDei5L:/GrtgnssLYoANWvK4ww6IwtUuz5L

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  0867fb3f964b7b6562c6b6426e5a6875_JaffaCakes118
- Size
  
  197KB
- MD5
  
  0867fb3f964b7b6562c6b6426e5a6875
- SHA1
  
  c0df6a4997a72134dfaf9f9c5dddf4b85081889c
- SHA256
  
  f5c20103421eede28403041e64901e7ced90490572676887b623c166e528183d
- SHA512
  
  1e3d3b5c6e18f6980979a794bfc4eed96ff72e94eae35ef72169e892bf134441163f9da642cb6d4666310d928eead23ae3f9cc9cddfa0bef90aff807f15cb878
- SSDEEP
  
  3072:S4Grt1OnsS8QBnLUheEVO5AWKWvKDMww+rvIJvZoXhm+2ea57oDei5L:/GrtgnssLYoANWvK4ww6IwtUuz5L
Score

10^/10

evasion persistence
- Modifies security service
  evasion
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence