e709bfbfd7f2db6edc9f28886ee2418a850f61e5792a7634f83ff0c53ccf64a3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46a75504d51215eab9c906b1d9432c6f_JaffaCakes118
Size

354KB
Sample

240714-t7e2ksydpm
MD5

46a75504d51215eab9c906b1d9432c6f
SHA1

6cf0270484473b2fd3d51de040598ad0b9eff28c
SHA256

e709bfbfd7f2db6edc9f28886ee2418a850f61e5792a7634f83ff0c53ccf64a3
SHA512

f0431adae771cd33408ec9f31dd3f6be75489a871b22c5a5454bef784c022dec0f6684b7032200189938ee9ace84a0e1a7666b6ece92fa3e9dce26c2937b27de
SSDEEP

6144:ir33fSQViy9/YuyClUR7UwsJpNwn2FEwzLheEBrd/vWWO+G9BItpGLGl:833fxViw/YublUxsAn2WwBlcB4cL+

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  46a75504d51215eab9c906b1d9432c6f_JaffaCakes118
- Size
  
  354KB
- MD5
  
  46a75504d51215eab9c906b1d9432c6f
- SHA1
  
  6cf0270484473b2fd3d51de040598ad0b9eff28c
- SHA256
  
  e709bfbfd7f2db6edc9f28886ee2418a850f61e5792a7634f83ff0c53ccf64a3
- SHA512
  
  f0431adae771cd33408ec9f31dd3f6be75489a871b22c5a5454bef784c022dec0f6684b7032200189938ee9ace84a0e1a7666b6ece92fa3e9dce26c2937b27de
- SSDEEP
  
  6144:ir33fSQViy9/YuyClUR7UwsJpNwn2FEwzLheEBrd/vWWO+G9BItpGLGl:833fxViw/YublUxsAn2WwBlcB4cL+
Score

8^/10

evasion persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2