30ed4d71ba8e068646ec8fed464e7a7815fe5b7364f00b77355b4add221e955e | Triage

Sharing

General

Target

2facccd29ff39a77000a16cef14650eb_JaffaCakes118
Size

42KB
Sample

240709-kjt16axfpf
MD5

2facccd29ff39a77000a16cef14650eb
SHA1

48ec866c31d7bb100183a82611196ce410f43bc2
SHA256

30ed4d71ba8e068646ec8fed464e7a7815fe5b7364f00b77355b4add221e955e
SHA512

3c64475c62f62b48cf527fd5adc98fa8c06d09c544d279081f92ce57314a6a9df2f166600c84fd5dfe9dcaec3d531429b6e1650f7a33acacc574add48f72a109
SSDEEP

768:xu6THgVNE4YYo+eRt4n9aOJnCrh6JkZVqcgg1zhZai6WivD4rdj8Q3y8:xuWgHEpYo+egn9gV6JqVEAZaF4rhhy8

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2facccd29ff39a77000a16cef14650eb_JaffaCakes118
- Size
  
  42KB
- MD5
  
  2facccd29ff39a77000a16cef14650eb
- SHA1
  
  48ec866c31d7bb100183a82611196ce410f43bc2
- SHA256
  
  30ed4d71ba8e068646ec8fed464e7a7815fe5b7364f00b77355b4add221e955e
- SHA512
  
  3c64475c62f62b48cf527fd5adc98fa8c06d09c544d279081f92ce57314a6a9df2f166600c84fd5dfe9dcaec3d531429b6e1650f7a33acacc574add48f72a109
- SSDEEP
  
  768:xu6THgVNE4YYo+eRt4n9aOJnCrh6JkZVqcgg1zhZai6WivD4rdj8Q3y8:xuWgHEpYo+egn9gV6JqVEAZaF4rhhy8
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2