5ca4dfb2235496b54413069f8394784f96f72788fd73eb562b8d487d71897345 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f1d210fea5b97f95dc438a30a3709dc_JaffaCakes118
Size

155KB
Sample

240709-fzt9msxgmn
MD5

2f1d210fea5b97f95dc438a30a3709dc
SHA1

fef4546b81e14d4a4a3963a6f0763cc34ebc645e
SHA256

5ca4dfb2235496b54413069f8394784f96f72788fd73eb562b8d487d71897345
SHA512

c5e1c749990125eb298bd8dfd09865c3529a2020365226cdd80e796815ac5189efbc09144c8edefdea796d0c03bdee4b51be107754acc75d416313fb348a078b
SSDEEP

768:zXtuCNba87ebyOqAILhDBtEhd0uovoyk:zXj48vOUrtEh4y

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  2f1d210fea5b97f95dc438a30a3709dc_JaffaCakes118
- Size
  
  155KB
- MD5
  
  2f1d210fea5b97f95dc438a30a3709dc
- SHA1
  
  fef4546b81e14d4a4a3963a6f0763cc34ebc645e
- SHA256
  
  5ca4dfb2235496b54413069f8394784f96f72788fd73eb562b8d487d71897345
- SHA512
  
  c5e1c749990125eb298bd8dfd09865c3529a2020365226cdd80e796815ac5189efbc09144c8edefdea796d0c03bdee4b51be107754acc75d416313fb348a078b
- SSDEEP
  
  768:zXtuCNba87ebyOqAILhDBtEhd0uovoyk:zXj48vOUrtEh4y
Score

10^/10

evasion persistence
- Modifies visibility of file extensions in Explorer
  evasion
- Disables RegEdit via registry modification
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence