85813571ca16d77248082a4daf301c0d850e5b903251987c2a1ce37f76872828 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3df36e30c8233e49709ae1b6c9856e9d_JaffaCakes118
Size

68KB
Sample

240712-s1dphazdjq
MD5

3df36e30c8233e49709ae1b6c9856e9d
SHA1

7c80d0fabf50ea72926d33c2008a4948bce3373d
SHA256

85813571ca16d77248082a4daf301c0d850e5b903251987c2a1ce37f76872828
SHA512

c5392514c1e54ae0e8b3f91f695b370df6709cf2ab5caa1d49e05533b0fdf2995db3f2eabc7229f1c09e5ba4ac40752c830ba70dc12fb8c9de3f728d3e796d71
SSDEEP

1536:FNxU+W+73uSpoo3e/8+dcr2yS72WboWWW4Li:NU+W+qNo3e9Sy/9sWWWyi

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  3df36e30c8233e49709ae1b6c9856e9d_JaffaCakes118
- Size
  
  68KB
- MD5
  
  3df36e30c8233e49709ae1b6c9856e9d
- SHA1
  
  7c80d0fabf50ea72926d33c2008a4948bce3373d
- SHA256
  
  85813571ca16d77248082a4daf301c0d850e5b903251987c2a1ce37f76872828
- SHA512
  
  c5392514c1e54ae0e8b3f91f695b370df6709cf2ab5caa1d49e05533b0fdf2995db3f2eabc7229f1c09e5ba4ac40752c830ba70dc12fb8c9de3f728d3e796d71
- SSDEEP
  
  1536:FNxU+W+73uSpoo3e/8+dcr2yS72WboWWW4Li:NU+W+qNo3e9Sy/9sWWWyi
Score

8^/10

persistence
- Event Triggered Execution: Image File Execution Options Injection
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Image File Execution Options Injection

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Image File Execution Options Injection

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2