cccd3e018c2c8d602cc49ee05e888d784b021367e573184d5b23d3b95196d65c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d6ee4a72ac15c99f96044bf829706e9_JaffaCakes118
Size

44KB
Sample

240716-jtylnavere
MD5

4d6ee4a72ac15c99f96044bf829706e9
SHA1

531638be484eb96148ed13e96435e91b4054eef1
SHA256

cccd3e018c2c8d602cc49ee05e888d784b021367e573184d5b23d3b95196d65c
SHA512

8efcbe1d1d76f61ebaf73f7dc752e438143225aa13f7cf9712fd8fa31e1283db6c461d886e90c615aa0650ef4b4284f5b2e226cd416516962c9686b88b53b1cc
SSDEEP

768:oBK47ZAWgE5oOATJJm+e6JCHdSUkY4yllw1gSRpwT21nSModYnMjlNJcItP:o/7zNZAtJtoIY4klygSQxMoZ5FP

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  4d6ee4a72ac15c99f96044bf829706e9_JaffaCakes118
- Size
  
  44KB
- MD5
  
  4d6ee4a72ac15c99f96044bf829706e9
- SHA1
  
  531638be484eb96148ed13e96435e91b4054eef1
- SHA256
  
  cccd3e018c2c8d602cc49ee05e888d784b021367e573184d5b23d3b95196d65c
- SHA512
  
  8efcbe1d1d76f61ebaf73f7dc752e438143225aa13f7cf9712fd8fa31e1283db6c461d886e90c615aa0650ef4b4284f5b2e226cd416516962c9686b88b53b1cc
- SSDEEP
  
  768:oBK47ZAWgE5oOATJJm+e6JCHdSUkY4yllw1gSRpwT21nSModYnMjlNJcItP:o/7zNZAtJtoIY4klygSQxMoZ5FP
Score

8^/10

persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2