5789e4e142e03d116250140fedbfecd14009a2a22e21e0ac1ce8e145a3b5a8f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2486b650300f79f997ca46e5433cef41_JaffaCakes118
Size

485KB
Sample

240704-ecp6qssgpp
MD5

2486b650300f79f997ca46e5433cef41
SHA1

1f605d41d211e8659974e48927547756d442d088
SHA256

5789e4e142e03d116250140fedbfecd14009a2a22e21e0ac1ce8e145a3b5a8f4
SHA512

7ae7f3f4f308674c2138a8194ac42e410c75444ea2824d41f24e28694fe6380970ffc512f90ce2735cd18eaee2cb3c4e54193e88477d26c6479364eabca4a2a2
SSDEEP

6144:Ul2ZL/T7sOOz0CX7+yyPss7G5CNc18Xyx8LC8zuLopRZHWJzmZXvcl2jQGTCTaxI:3ZLb7sOOzv7u75ix8HpRZ2JsvclYlhRE

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  2486b650300f79f997ca46e5433cef41_JaffaCakes118
- Size
  
  485KB
- MD5
  
  2486b650300f79f997ca46e5433cef41
- SHA1
  
  1f605d41d211e8659974e48927547756d442d088
- SHA256
  
  5789e4e142e03d116250140fedbfecd14009a2a22e21e0ac1ce8e145a3b5a8f4
- SHA512
  
  7ae7f3f4f308674c2138a8194ac42e410c75444ea2824d41f24e28694fe6380970ffc512f90ce2735cd18eaee2cb3c4e54193e88477d26c6479364eabca4a2a2
- SSDEEP
  
  6144:Ul2ZL/T7sOOz0CX7+yyPss7G5CNc18Xyx8LC8zuLopRZHWJzmZXvcl2jQGTCTaxI:3ZLb7sOOzv7u75ix8HpRZ2JsvclYlhRE
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2