842c552be3836ca749858e1a4a02ba0de876e51f74897c2778be701c87c42d35 | Triage

Sharing

General

Target

28a2776d2c860ca5627c1ca7fe29812b_JaffaCakes118
Size

146KB
Sample

240706-srdcdavejf
MD5

28a2776d2c860ca5627c1ca7fe29812b
SHA1

9da0e52c990d18a34a4ba7980ab0f609d5205375
SHA256

842c552be3836ca749858e1a4a02ba0de876e51f74897c2778be701c87c42d35
SHA512

149a1d40ec898980a37e635f7e2887125f1f205faa46f2df94ebf0bd6d01cb41e5705372701d8e520c06d74cb059a131c3788088867777b9713ecda63d37b0f8
SSDEEP

3072:/piv375xh3G76wfMPq0stztYcZt2v10LOIA3Sk3mJe8lQeI5qDf23jM:hO375xhWGnPq0+tvZkv10SIA3L3Oe8lG

Score

8^/10

aspackv2 evasion persistence

Malware Config

Targets

- Target
  
  28a2776d2c860ca5627c1ca7fe29812b_JaffaCakes118
- Size
  
  146KB
- MD5
  
  28a2776d2c860ca5627c1ca7fe29812b
- SHA1
  
  9da0e52c990d18a34a4ba7980ab0f609d5205375
- SHA256
  
  842c552be3836ca749858e1a4a02ba0de876e51f74897c2778be701c87c42d35
- SHA512
  
  149a1d40ec898980a37e635f7e2887125f1f205faa46f2df94ebf0bd6d01cb41e5705372701d8e520c06d74cb059a131c3788088867777b9713ecda63d37b0f8
- SSDEEP
  
  3072:/piv375xh3G76wfMPq0stztYcZt2v10LOIA3Sk3mJe8lQeI5qDf23jM:hO375xhWGnPq0+tvZkv10SIA3L3Oe8lG
Score

8^/10

evasion persistence
- Disables Task Manager via registry modification
  evasion
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence