3b9dde091d39fa8c99225f1e128170cec036b6f5d5f10f0c899f89f1f5c8356b | Triage

Sharing

General

Target

17d1235a8d9a35912cfeb30bb1505f9e_JaffaCakes118
Size

19KB
Sample

240627-2q6rzayckq
MD5

17d1235a8d9a35912cfeb30bb1505f9e
SHA1

b50a0c3b59130c9156876ab18dd0a97ab43dea87
SHA256

3b9dde091d39fa8c99225f1e128170cec036b6f5d5f10f0c899f89f1f5c8356b
SHA512

1b6e4f27b4489dc0a5f0a5d99e476edc67e3ab009e11daff8f82c93415cdad60e6b46e9a53e0b5a7738ba6b680774e06e20840c4ca4be9eacd699c2527d6c6f8
SSDEEP

384:gO1EI1f1qxvlqxzBoIc4O5EaJDPHO0TCVp9/P3iOUIHAPfBoG/KQ6j1McF5v7wC:gIrx1qxv0xzy5bEaFu9VpVTUboGiRMcP

Score

8^/10

execution persistence

Malware Config

Targets

- Target
  
  17d1235a8d9a35912cfeb30bb1505f9e_JaffaCakes118
- Size
  
  19KB
- MD5
  
  17d1235a8d9a35912cfeb30bb1505f9e
- SHA1
  
  b50a0c3b59130c9156876ab18dd0a97ab43dea87
- SHA256
  
  3b9dde091d39fa8c99225f1e128170cec036b6f5d5f10f0c899f89f1f5c8356b
- SHA512
  
  1b6e4f27b4489dc0a5f0a5d99e476edc67e3ab009e11daff8f82c93415cdad60e6b46e9a53e0b5a7738ba6b680774e06e20840c4ca4be9eacd699c2527d6c6f8
- SSDEEP
  
  384:gO1EI1f1qxvlqxzBoIc4O5EaJDPHO0TCVp9/P3iOUIHAPfBoG/KQ6j1McF5v7wC:gIrx1qxv0xzy5bEaFu9VpVTUboGiRMcP
Score

8^/10

execution persistence
- Creates new service(s)
  persistence execution
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence

behavioral2

executionpersistence