9ae89ab61ecb0a42e29a3f7202036c2b2a453ab4dce883429df76c3c5757a4a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

082e10ce44d909ddb83c8454c1ba8975_JaffaCakes118
Size

196KB
Sample

240624-ncbg1sygpc
MD5

082e10ce44d909ddb83c8454c1ba8975
SHA1

f9c8594687958e58e214a9ce303bc7e566cf747c
SHA256

9ae89ab61ecb0a42e29a3f7202036c2b2a453ab4dce883429df76c3c5757a4a4
SHA512

f205e7f48090ccf0b26b565706176b17966db7140eb44a70ccec3e74069de41e798ec67a0ae39ac7059965ea8ef43f25c07ce65b0c25c7451c47256143670947
SSDEEP

1536:L/sbjt/BP+CkIMsw8yarcjF4gVj8NFAteFsy7n14F7wgQUjx:L/stIxHaIHeNFVFsyTU3QUV

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  082e10ce44d909ddb83c8454c1ba8975_JaffaCakes118
- Size
  
  196KB
- MD5
  
  082e10ce44d909ddb83c8454c1ba8975
- SHA1
  
  f9c8594687958e58e214a9ce303bc7e566cf747c
- SHA256
  
  9ae89ab61ecb0a42e29a3f7202036c2b2a453ab4dce883429df76c3c5757a4a4
- SHA512
  
  f205e7f48090ccf0b26b565706176b17966db7140eb44a70ccec3e74069de41e798ec67a0ae39ac7059965ea8ef43f25c07ce65b0c25c7451c47256143670947
- SSDEEP
  
  1536:L/sbjt/BP+CkIMsw8yarcjF4gVj8NFAteFsy7n14F7wgQUjx:L/stIxHaIHeNFVFsyTU3QUV
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence