6a70caed1cb53cf96776b515d2157f1fd828d8d6b17f7de08c1f97bf354daa40 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d8e593d46df849c094eda6161d7f527_JaffaCakes118
Size

742KB
Sample

240712-qn89javfrp
MD5

3d8e593d46df849c094eda6161d7f527
SHA1

559946a34b2cd1b2f5faab10d825f8799bdaeb73
SHA256

6a70caed1cb53cf96776b515d2157f1fd828d8d6b17f7de08c1f97bf354daa40
SHA512

f41a1dd60a5d8fb0a8859b22491118a52a9456c409ca5d12933df4ffb7431d77264aecd12e2ac456b040b1e7fc9ad6d6d71a0feb436924ae6a2412af052120df
SSDEEP

12288:h+RFIW+H7LRxk6ZVzCEmR9+LLwlG9N450EbJ7x6Iag:haWLRxk6fkMLLM64x66

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  3d8e593d46df849c094eda6161d7f527_JaffaCakes118
- Size
  
  742KB
- MD5
  
  3d8e593d46df849c094eda6161d7f527
- SHA1
  
  559946a34b2cd1b2f5faab10d825f8799bdaeb73
- SHA256
  
  6a70caed1cb53cf96776b515d2157f1fd828d8d6b17f7de08c1f97bf354daa40
- SHA512
  
  f41a1dd60a5d8fb0a8859b22491118a52a9456c409ca5d12933df4ffb7431d77264aecd12e2ac456b040b1e7fc9ad6d6d71a0feb436924ae6a2412af052120df
- SSDEEP
  
  12288:h+RFIW+H7LRxk6ZVzCEmR9+LLwlG9N450EbJ7x6Iag:haWLRxk6fkMLLM64x66
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2