4bc8f12a15649d07bb4b714f578c703b9594e554eefb2457a2914705098d936b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0fab57f6e64a79be4a2307ae00552498_JaffaCakes118
Size

15KB
Sample

240625-1sfswsyaqp
MD5

0fab57f6e64a79be4a2307ae00552498
SHA1

732836d2cdd69309334eace26dbbdf4e59a41ebd
SHA256

4bc8f12a15649d07bb4b714f578c703b9594e554eefb2457a2914705098d936b
SHA512

ff9ce1ddb8a35228051fd6cec8a01b988c3dc5ad21517b3d70b0cc9bc07eced48dc66afcd7925aaf86595e8f6396330b2aebd3d83022674d046cecde86d56189
SSDEEP

192:NePoLAFjpD6DcvdJhzX41neobcBWtVtvXBVrHbMDM2RvZQKmqSwO4+hSz3g3Azdp:NuO+jpGoFJqnxtHBVrHC5vCKOwdQE+5Y

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  0fab57f6e64a79be4a2307ae00552498_JaffaCakes118
- Size
  
  15KB
- MD5
  
  0fab57f6e64a79be4a2307ae00552498
- SHA1
  
  732836d2cdd69309334eace26dbbdf4e59a41ebd
- SHA256
  
  4bc8f12a15649d07bb4b714f578c703b9594e554eefb2457a2914705098d936b
- SHA512
  
  ff9ce1ddb8a35228051fd6cec8a01b988c3dc5ad21517b3d70b0cc9bc07eced48dc66afcd7925aaf86595e8f6396330b2aebd3d83022674d046cecde86d56189
- SSDEEP
  
  192:NePoLAFjpD6DcvdJhzX41neobcBWtVtvXBVrHbMDM2RvZQKmqSwO4+hSz3g3Azdp:NuO+jpGoFJqnxtHBVrHC5vCKOwdQE+5Y
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2