32f21359a348560c0ce9a58fa835b01abb64323a4298bc97e9a109179c6cc1b3 | Triage

Sharing

General

Target

4bf0a27a237e59d08abdb1f1bac49c8a_JaffaCakes118
Size

130KB
Sample

240715-3vfl1sxhmf
MD5

4bf0a27a237e59d08abdb1f1bac49c8a
SHA1

a7cddbb154cf254eb0139fb2d49b0d320a61cc2d
SHA256

32f21359a348560c0ce9a58fa835b01abb64323a4298bc97e9a109179c6cc1b3
SHA512

9bb20dad68ae4dc9304c363a726387119e65e5f356be558b7196c231126d6d69cc3101e91086c15667797168786a116bb7271edd133bd6a354806581f5fb9248
SSDEEP

3072:0kEUIOq2HMV+2z6yVIS/FT8aqswKcW9ekjZXGn9wOMtWIRV:LEUIkHU4Sd3cW9B69w3vV

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  4bf0a27a237e59d08abdb1f1bac49c8a_JaffaCakes118
- Size
  
  130KB
- MD5
  
  4bf0a27a237e59d08abdb1f1bac49c8a
- SHA1
  
  a7cddbb154cf254eb0139fb2d49b0d320a61cc2d
- SHA256
  
  32f21359a348560c0ce9a58fa835b01abb64323a4298bc97e9a109179c6cc1b3
- SHA512
  
  9bb20dad68ae4dc9304c363a726387119e65e5f356be558b7196c231126d6d69cc3101e91086c15667797168786a116bb7271edd133bd6a354806581f5fb9248
- SSDEEP
  
  3072:0kEUIOq2HMV+2z6yVIS/FT8aqswKcW9ekjZXGn9wOMtWIRV:LEUIkHU4Sd3cW9B69w3vV
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence