9e6efcaeb5cca5f7bf7113d21b1ca3e115cd93e9f794ccdfecb98cd3a0e6aca8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49f7fb1acaaa79f42223ac90e733ed6d_JaffaCakes118
Size

517KB
Sample

240715-q72nsstemp
MD5

49f7fb1acaaa79f42223ac90e733ed6d
SHA1

60cdab31c8715d74c93712cfa2548a95a1792f46
SHA256

9e6efcaeb5cca5f7bf7113d21b1ca3e115cd93e9f794ccdfecb98cd3a0e6aca8
SHA512

70365ef40f7630593a9cedbad4529d6c3b36be9b96c04fa8771e51cc4c3b571de74a33c2ae95d3ce4d63b139772aee76d84f9f856c63be6982e0d7ebd29fa243
SSDEEP

12288:MtLsd81Qr2cCCiZ2i5Y1hmVzuK152xBMt:kQ6iXbOzb15oW

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  49f7fb1acaaa79f42223ac90e733ed6d_JaffaCakes118
- Size
  
  517KB
- MD5
  
  49f7fb1acaaa79f42223ac90e733ed6d
- SHA1
  
  60cdab31c8715d74c93712cfa2548a95a1792f46
- SHA256
  
  9e6efcaeb5cca5f7bf7113d21b1ca3e115cd93e9f794ccdfecb98cd3a0e6aca8
- SHA512
  
  70365ef40f7630593a9cedbad4529d6c3b36be9b96c04fa8771e51cc4c3b571de74a33c2ae95d3ce4d63b139772aee76d84f9f856c63be6982e0d7ebd29fa243
- SSDEEP
  
  12288:MtLsd81Qr2cCCiZ2i5Y1hmVzuK152xBMt:kQ6iXbOzb15oW
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2