ff9c158d94c49bf07c1ebae7e6d36b63cfa6df4a02f0e98d8ef547c46293cdfd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4837b9df9dd9a23f923edd3a427cf70e_JaffaCakes118
Size

18KB
Sample

240715-e2wptaxgqj
MD5

4837b9df9dd9a23f923edd3a427cf70e
SHA1

44067a474ba71d20bde7e7c5559d7b603b49bf21
SHA256

ff9c158d94c49bf07c1ebae7e6d36b63cfa6df4a02f0e98d8ef547c46293cdfd
SHA512

57361adb8ff604ec4a9145c000e4b610a10d4feae2f4a8c9db3afc4dfde475aed13693ab2975163938500a5a0c277037a84e9fb9ffbc24a754566321338b659f
SSDEEP

384:mQW/WfzBGOuTuyqXBC5xMWf3/s4yvTktqtHzz8NwgNYgm:rtlQ5eWf3/6TOqJHuXNYgm

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  4837b9df9dd9a23f923edd3a427cf70e_JaffaCakes118
- Size
  
  18KB
- MD5
  
  4837b9df9dd9a23f923edd3a427cf70e
- SHA1
  
  44067a474ba71d20bde7e7c5559d7b603b49bf21
- SHA256
  
  ff9c158d94c49bf07c1ebae7e6d36b63cfa6df4a02f0e98d8ef547c46293cdfd
- SHA512
  
  57361adb8ff604ec4a9145c000e4b610a10d4feae2f4a8c9db3afc4dfde475aed13693ab2975163938500a5a0c277037a84e9fb9ffbc24a754566321338b659f
- SSDEEP
  
  384:mQW/WfzBGOuTuyqXBC5xMWf3/s4yvTktqtHzz8NwgNYgm:rtlQ5eWf3/6TOqJHuXNYgm
Score

8^/10

persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2