ac775778c04ed1fa6238baec28eeb56a62dd4cb599947a4d36902283c1094a6e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15e9dc5a53cae67f621d292d8a501900_JaffaCakes118
Size

3.3MB
Sample

240627-n3zbrsseln
MD5

15e9dc5a53cae67f621d292d8a501900
SHA1

8d4e5af3271bda90e205b112186581be337a7621
SHA256

ac775778c04ed1fa6238baec28eeb56a62dd4cb599947a4d36902283c1094a6e
SHA512

aed4020a9b52e3f13335f053a8b857243d5321966cbe17c2e86505c3aec481cbf009b965a742ea07cbc1d46c1eb0db0cb9325ee3fc669828c282e48fd6f15179
SSDEEP

98304:anUYJ0+mBQ3+3OCjbZ3L8u9YejvAN1syYIi:ImBSgOCjbZ3p1LgYI

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  15e9dc5a53cae67f621d292d8a501900_JaffaCakes118
- Size
  
  3.3MB
- MD5
  
  15e9dc5a53cae67f621d292d8a501900
- SHA1
  
  8d4e5af3271bda90e205b112186581be337a7621
- SHA256
  
  ac775778c04ed1fa6238baec28eeb56a62dd4cb599947a4d36902283c1094a6e
- SHA512
  
  aed4020a9b52e3f13335f053a8b857243d5321966cbe17c2e86505c3aec481cbf009b965a742ea07cbc1d46c1eb0db0cb9325ee3fc669828c282e48fd6f15179
- SSDEEP
  
  98304:anUYJ0+mBQ3+3OCjbZ3L8u9YejvAN1syYIi:ImBSgOCjbZ3p1LgYI
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2