41ae739b6df62b68c2bb366a580b463959450c66ede03af13cd26e82bd305700 | Triage

Sharing

General

Target

2e06394b5810111e28b444d3a6cc2ebc_JaffaCakes118
Size

35KB
Sample

240708-19a9qssalj
MD5

2e06394b5810111e28b444d3a6cc2ebc
SHA1

1a915ed60f3c3006140033692b3bf02b20ca7bfd
SHA256

41ae739b6df62b68c2bb366a580b463959450c66ede03af13cd26e82bd305700
SHA512

7ccb4a098a94d3049523e7fca4f6b72cbd227c47b31da9bcaff91676a86f90136f5d2d87cc40ba61c2c7ae0790500c1177ef507255fbc2b89b89cb54fe3d74e5
SSDEEP

768:h9zAYH5l6XlSm7FoCHGu15RVhzC0vMol/sGm0:h9MYu1SOoKGEvnI0

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2e06394b5810111e28b444d3a6cc2ebc_JaffaCakes118
- Size
  
  35KB
- MD5
  
  2e06394b5810111e28b444d3a6cc2ebc
- SHA1
  
  1a915ed60f3c3006140033692b3bf02b20ca7bfd
- SHA256
  
  41ae739b6df62b68c2bb366a580b463959450c66ede03af13cd26e82bd305700
- SHA512
  
  7ccb4a098a94d3049523e7fca4f6b72cbd227c47b31da9bcaff91676a86f90136f5d2d87cc40ba61c2c7ae0790500c1177ef507255fbc2b89b89cb54fe3d74e5
- SSDEEP
  
  768:h9zAYH5l6XlSm7FoCHGu15RVhzC0vMol/sGm0:h9MYu1SOoKGEvnI0
Score

8^/10

persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2