daf0646552791600939622fad15d1761e40f6cf59922085bb64971462826bc24 | Triage

Sharing

General

Target

5f341213fab7041bb61baecca8d3c8c6_JaffaCakes118
Size

13KB
Sample

240720-f79z3asaqc
MD5

5f341213fab7041bb61baecca8d3c8c6
SHA1

d321a50ef709faf88bfed18ce9484f2de1656ef8
SHA256

daf0646552791600939622fad15d1761e40f6cf59922085bb64971462826bc24
SHA512

6364cf5931eb41439fcb9bfd578a258fc1ac0fcb9c62d0f69061abf700d0951e778ee2428f9f3e890cb72b96011c61a4a7ff8998384867eb929b2b8fd2ebff30
SSDEEP

192:ea51GkKV5HhJT3PU3mDO+obZfY8Ds8QzVMjemU9iV65yHJaa56FLc/Wsj3E0k:eaut5v7PU4obZQ8Fi7mwiVfHUU/T0V

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  5f341213fab7041bb61baecca8d3c8c6_JaffaCakes118
- Size
  
  13KB
- MD5
  
  5f341213fab7041bb61baecca8d3c8c6
- SHA1
  
  d321a50ef709faf88bfed18ce9484f2de1656ef8
- SHA256
  
  daf0646552791600939622fad15d1761e40f6cf59922085bb64971462826bc24
- SHA512
  
  6364cf5931eb41439fcb9bfd578a258fc1ac0fcb9c62d0f69061abf700d0951e778ee2428f9f3e890cb72b96011c61a4a7ff8998384867eb929b2b8fd2ebff30
- SSDEEP
  
  192:ea51GkKV5HhJT3PU3mDO+obZfY8Ds8QzVMjemU9iV65yHJaa56FLc/Wsj3E0k:eaut5v7PU4obZQ8Fi7mwiVfHUU/T0V
Score

10^/10

evasion persistence
- Modifies visibility of file extensions in Explorer
  evasion
- Disables RegEdit via registry modification
  evasion
- Disables use of System Restore points
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence