a28c0eb1dc1649e1a20a65a648915656903432e06d90fb0904fa1b32e555542f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

274c4ebae80376376a0bc1fe1ae545e1_JaffaCakes118
Size

318KB
Sample

240706-c7yp9atcmk
MD5

274c4ebae80376376a0bc1fe1ae545e1
SHA1

1cb2901b9c215558ba70b36a84be83dfbd610842
SHA256

a28c0eb1dc1649e1a20a65a648915656903432e06d90fb0904fa1b32e555542f
SHA512

5df37e898ead564e52b279c03b444fe935cbab73b93e3d7afda5aba32672f0357cef3c5b563dcd9da5652fc9346779e4b376d74a1ecf947517db05627d471b8a
SSDEEP

6144:t3eXUnKT/00rw10+LwNjfAQFer++ZXgQSN3SA/wExFy5NX:wTVcu+cNrREZw9Se

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  274c4ebae80376376a0bc1fe1ae545e1_JaffaCakes118
- Size
  
  318KB
- MD5
  
  274c4ebae80376376a0bc1fe1ae545e1
- SHA1
  
  1cb2901b9c215558ba70b36a84be83dfbd610842
- SHA256
  
  a28c0eb1dc1649e1a20a65a648915656903432e06d90fb0904fa1b32e555542f
- SHA512
  
  5df37e898ead564e52b279c03b444fe935cbab73b93e3d7afda5aba32672f0357cef3c5b563dcd9da5652fc9346779e4b376d74a1ecf947517db05627d471b8a
- SSDEEP
  
  6144:t3eXUnKT/00rw10+LwNjfAQFer++ZXgQSN3SA/wExFy5NX:wTVcu+cNrREZw9Se
Score

8^/10

evasion persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2