b35cef1f256694b305f0846b09426a9fc4829e68f3ca9e454dc092c60b49384d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ed7413de7c3c34c4793ad0e2e8e02df_JaffaCakes118
Size

315KB
Sample

240720-dwzzlsxfjf
MD5

5ed7413de7c3c34c4793ad0e2e8e02df
SHA1

37f8121de41e41124107c160be80596be3c399ca
SHA256

b35cef1f256694b305f0846b09426a9fc4829e68f3ca9e454dc092c60b49384d
SHA512

aab8faea1c926c3473304e828452830d9ffccdb61aea8d81900c3d441d8029c761651e5f1fba2a765af928a44cdf1fddca862b03908ce03a0669bdae3886bd53
SSDEEP

6144:Ch2lx9G21uua4MDrnA767Xy05dggcgzJClYfKOw1u6yk2/IKx1GfS:CwlxZCPnA7nIdggcgF+Yfk1ui2/ILK

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  5ed7413de7c3c34c4793ad0e2e8e02df_JaffaCakes118
- Size
  
  315KB
- MD5
  
  5ed7413de7c3c34c4793ad0e2e8e02df
- SHA1
  
  37f8121de41e41124107c160be80596be3c399ca
- SHA256
  
  b35cef1f256694b305f0846b09426a9fc4829e68f3ca9e454dc092c60b49384d
- SHA512
  
  aab8faea1c926c3473304e828452830d9ffccdb61aea8d81900c3d441d8029c761651e5f1fba2a765af928a44cdf1fddca862b03908ce03a0669bdae3886bd53
- SSDEEP
  
  6144:Ch2lx9G21uua4MDrnA767Xy05dggcgzJClYfKOw1u6yk2/IKx1GfS:CwlxZCPnA7nIdggcgF+Yfk1ui2/ILK
Score

8^/10

evasion persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2