209850d3a1641cf12441564e81b8111a5367fe8c222f6681529fe9ee06915e22 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31f255e4da058e6c91f25e91c95d8325_JaffaCakes118
Size

48KB
Sample

240709-zqxsysxaqd
MD5

31f255e4da058e6c91f25e91c95d8325
SHA1

dfc2de7b7e60978bd94b8f73792ae1b3dfb551f7
SHA256

209850d3a1641cf12441564e81b8111a5367fe8c222f6681529fe9ee06915e22
SHA512

8b5050bd4bcf37d10555f57d0674af504f18754c214e9369c5a68850dda1fc395f91124181aebc534848ab61f64e7f40f4d452c2244fb1589e5c850a5554d281
SSDEEP

768:/KKc/0sS+TcGTfeEU8FxFfLtGhmBpSIaEqAy6lJOMK:0/0r+dLxdhGSSIwA/cMK

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  31f255e4da058e6c91f25e91c95d8325_JaffaCakes118
- Size
  
  48KB
- MD5
  
  31f255e4da058e6c91f25e91c95d8325
- SHA1
  
  dfc2de7b7e60978bd94b8f73792ae1b3dfb551f7
- SHA256
  
  209850d3a1641cf12441564e81b8111a5367fe8c222f6681529fe9ee06915e22
- SHA512
  
  8b5050bd4bcf37d10555f57d0674af504f18754c214e9369c5a68850dda1fc395f91124181aebc534848ab61f64e7f40f4d452c2244fb1589e5c850a5554d281
- SSDEEP
  
  768:/KKc/0sS+TcGTfeEU8FxFfLtGhmBpSIaEqAy6lJOMK:0/0r+dLxdhGSSIwA/cMK
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2