f5d5829d2c0a699c3a716969bb757c93c2f75465bd1bc6abe1902676aa32ab52 | Triage

Sharing

General

Target

36340cfc96d093eaf7c7b2de4e5ed70a_JaffaCakes118
Size

310KB
Sample

240710-yx3gcaxfmr
MD5

36340cfc96d093eaf7c7b2de4e5ed70a
SHA1

7888ba62cde9202cb75aea1a779983c1ba5b52a7
SHA256

f5d5829d2c0a699c3a716969bb757c93c2f75465bd1bc6abe1902676aa32ab52
SHA512

0d70ad470892581929b9e0d7faa2601e22eccaa088b13137305a9fcc2c05dbd8d9b1238d2ff98b4a85ca5a92e948d94b79442450f0315840d2e0edebaeea14d6
SSDEEP

1536:y9gs08KaTusNo1E2x+Db0BDlxqWTpfJ/0v:y9g2KqaE5c5oWNR0v

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  36340cfc96d093eaf7c7b2de4e5ed70a_JaffaCakes118
- Size
  
  310KB
- MD5
  
  36340cfc96d093eaf7c7b2de4e5ed70a
- SHA1
  
  7888ba62cde9202cb75aea1a779983c1ba5b52a7
- SHA256
  
  f5d5829d2c0a699c3a716969bb757c93c2f75465bd1bc6abe1902676aa32ab52
- SHA512
  
  0d70ad470892581929b9e0d7faa2601e22eccaa088b13137305a9fcc2c05dbd8d9b1238d2ff98b4a85ca5a92e948d94b79442450f0315840d2e0edebaeea14d6
- SSDEEP
  
  1536:y9gs08KaTusNo1E2x+Db0BDlxqWTpfJ/0v:y9g2KqaE5c5oWNR0v
Score

10^/10

evasion persistence
- Modifies visibility of file extensions in Explorer
  evasion
- Disables RegEdit via registry modification
  evasion
- Disables use of System Restore points
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence