8c0f92792077d67aab841e5d8e169b5e58f05198d9476df4fb2e73d43fc67ea0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36e54ef6958fe68798a78474f26d765a_JaffaCakes118
Size

19KB
Sample

240710-3t3edszala
MD5

36e54ef6958fe68798a78474f26d765a
SHA1

651464d8e542ea5a5283078e11e119b0a45944a8
SHA256

8c0f92792077d67aab841e5d8e169b5e58f05198d9476df4fb2e73d43fc67ea0
SHA512

674e8e23c7194dc96c9fd800d2e5112935fb22e2b4e0ac8d4edf93feb98c75950c6595d65146a78596d9a79ccf2bd8c4293b1f209c12ab834e7df249e3c0ad56
SSDEEP

384:maPW/WyuqGOu/2ZPqLuq+3wk7crBubeKercSkr+wQ4BmPkudOx:jwC2lqCt3Xc1B7k24B1mc

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  36e54ef6958fe68798a78474f26d765a_JaffaCakes118
- Size
  
  19KB
- MD5
  
  36e54ef6958fe68798a78474f26d765a
- SHA1
  
  651464d8e542ea5a5283078e11e119b0a45944a8
- SHA256
  
  8c0f92792077d67aab841e5d8e169b5e58f05198d9476df4fb2e73d43fc67ea0
- SHA512
  
  674e8e23c7194dc96c9fd800d2e5112935fb22e2b4e0ac8d4edf93feb98c75950c6595d65146a78596d9a79ccf2bd8c4293b1f209c12ab834e7df249e3c0ad56
- SSDEEP
  
  384:maPW/WyuqGOu/2ZPqLuq+3wk7crBubeKercSkr+wQ4BmPkudOx:jwC2lqCt3Xc1B7k24B1mc
Score

8^/10

persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2