3cc70c2095f3fcce09c33ffac95d0e45974f660ec314b229f91e758bff8b2226 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

153b21c2049dd65a4bde4456eb8e1e28_JaffaCakes118
Size

1.6MB
Sample

240627-jsdvvszcqf
MD5

153b21c2049dd65a4bde4456eb8e1e28
SHA1

f56c9dcf00e55c174d1cd166db6ef00b4894b6bf
SHA256

3cc70c2095f3fcce09c33ffac95d0e45974f660ec314b229f91e758bff8b2226
SHA512

bcced777a5136e42a3758614aab4cb1b27e839086e63fb01c6d9a2fe432eaa36d50322ec1931c35984a85cb3c1d6715c665d45cf89e118fa17f1913cd5968913
SSDEEP

49152:xXMRNFO28ANkBSPKPYUY2pmuS5G7Xh1t7Z7e:xXMRm28ANmY2YuSM7Xh1tU

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  153b21c2049dd65a4bde4456eb8e1e28_JaffaCakes118
- Size
  
  1.6MB
- MD5
  
  153b21c2049dd65a4bde4456eb8e1e28
- SHA1
  
  f56c9dcf00e55c174d1cd166db6ef00b4894b6bf
- SHA256
  
  3cc70c2095f3fcce09c33ffac95d0e45974f660ec314b229f91e758bff8b2226
- SHA512
  
  bcced777a5136e42a3758614aab4cb1b27e839086e63fb01c6d9a2fe432eaa36d50322ec1931c35984a85cb3c1d6715c665d45cf89e118fa17f1913cd5968913
- SSDEEP
  
  49152:xXMRNFO28ANkBSPKPYUY2pmuS5G7Xh1t7Z7e:xXMRm28ANmY2YuSM7Xh1tU
Score

8^/10

persistence
- Uses Session Manager for persistence
  Creates Session Manager registry key to run executable early in system boot.
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2