125446b4547d4831802279f4cf5ed721492b48a850585999e9d7b5889efff336 | Triage

Sharing

General

Target

4b1838251437d227a01373a7de93ab87_JaffaCakes118
Size

4.5MB
Sample

240715-x989zswbkl
MD5

4b1838251437d227a01373a7de93ab87
SHA1

3fe8c039cc58a43d8ce7239bbf7ed9ab9256380f
SHA256

125446b4547d4831802279f4cf5ed721492b48a850585999e9d7b5889efff336
SHA512

e65470f425cc986f5481a3e9e38adbe4f89dda29753f7f53c57c12646d0d3a78bde1914a4a0ef6d528ece89af2c82cacfbc68a5566678d2291bca45c83fc5d54
SSDEEP

98304:PN3W3t7XP3porGnPEihRl1T4HA4GvWFQvbr3E25F/VbkX7dkKmkLNwvoO:PdW97XvporGnPE6V4g45ebr3EobkX7d8

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  4b1838251437d227a01373a7de93ab87_JaffaCakes118
- Size
  
  4.5MB
- MD5
  
  4b1838251437d227a01373a7de93ab87
- SHA1
  
  3fe8c039cc58a43d8ce7239bbf7ed9ab9256380f
- SHA256
  
  125446b4547d4831802279f4cf5ed721492b48a850585999e9d7b5889efff336
- SHA512
  
  e65470f425cc986f5481a3e9e38adbe4f89dda29753f7f53c57c12646d0d3a78bde1914a4a0ef6d528ece89af2c82cacfbc68a5566678d2291bca45c83fc5d54
- SSDEEP
  
  98304:PN3W3t7XP3porGnPEihRl1T4HA4GvWFQvbr3E25F/VbkX7dkKmkLNwvoO:PdW97XvporGnPE6V4g45ebr3EobkX7d8
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2