f712333bbc8b4c99b18a02aa2b4318bbf245d1f69c915f6470264a5c38d508c2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e78a8d2667bf948082f7f6cad2c82f1_JaffaCakes118
Size

109KB
Sample

240712-xg3azaxhmc
MD5

3e78a8d2667bf948082f7f6cad2c82f1
SHA1

627145099b8edbd8bebc33ffb0871e0104d5b9a3
SHA256

f712333bbc8b4c99b18a02aa2b4318bbf245d1f69c915f6470264a5c38d508c2
SHA512

6f9173a73c4fc8845c2eec2f90731b1f2977e10fa719d914dbe39ba536e9e1b7b77c31b8978d84954205bc71a1591732cb8d74e27e41c95fd0e30b6bbd65f45f
SSDEEP

1536:Rnqtu3abBGy3G8V0iuoKWGq6KfFkWGq6cjTA:RqRMPsKWGqFdkWGqzjTA

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  3e78a8d2667bf948082f7f6cad2c82f1_JaffaCakes118
- Size
  
  109KB
- MD5
  
  3e78a8d2667bf948082f7f6cad2c82f1
- SHA1
  
  627145099b8edbd8bebc33ffb0871e0104d5b9a3
- SHA256
  
  f712333bbc8b4c99b18a02aa2b4318bbf245d1f69c915f6470264a5c38d508c2
- SHA512
  
  6f9173a73c4fc8845c2eec2f90731b1f2977e10fa719d914dbe39ba536e9e1b7b77c31b8978d84954205bc71a1591732cb8d74e27e41c95fd0e30b6bbd65f45f
- SSDEEP
  
  1536:Rnqtu3abBGy3G8V0iuoKWGq6KfFkWGq6cjTA:RqRMPsKWGqFdkWGqzjTA
Score

10^/10

evasion persistence
- Modifies visibility of file extensions in Explorer
  evasion
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence