c6bb0270f6b4c7b90f89bf1c6357737f204e46eff0661db144a5e286bbe3393b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34c6f040fade78d555af9d35373fbbea_JaffaCakes118
Size

78KB
Sample

240710-pzdrbs1bng
MD5

34c6f040fade78d555af9d35373fbbea
SHA1

3333eca59fe96957304d8da5de64e9ce8d2e5498
SHA256

c6bb0270f6b4c7b90f89bf1c6357737f204e46eff0661db144a5e286bbe3393b
SHA512

f33ceacfa4d20b47d33de8bfc04a928d5374497aa18bb19a9ddddfb4219f2fd2934032947760e04ae4448cdb002a1daf7cee15242b90ce091f611ca1601d8e98
SSDEEP

1536:XIm5QJiLFTzk2GwW1RKwUbtmi6YSYexeRo/u9eVd32Nt2WMFutmAa:XIGJLF85wWuxtmivDexeRL9Y32rpokmP

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  34c6f040fade78d555af9d35373fbbea_JaffaCakes118
- Size
  
  78KB
- MD5
  
  34c6f040fade78d555af9d35373fbbea
- SHA1
  
  3333eca59fe96957304d8da5de64e9ce8d2e5498
- SHA256
  
  c6bb0270f6b4c7b90f89bf1c6357737f204e46eff0661db144a5e286bbe3393b
- SHA512
  
  f33ceacfa4d20b47d33de8bfc04a928d5374497aa18bb19a9ddddfb4219f2fd2934032947760e04ae4448cdb002a1daf7cee15242b90ce091f611ca1601d8e98
- SSDEEP
  
  1536:XIm5QJiLFTzk2GwW1RKwUbtmi6YSYexeRo/u9eVd32Nt2WMFutmAa:XIGJLF85wWuxtmivDexeRL9Y32rpokmP
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2