5090b4e4918df75adc6989e6b5169dca03c8f705c2819b0438515ff0f7222d0f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60e2c1fb2513b645f95e1d04c7278924_JaffaCakes118
Size

44KB
Sample

240721-wrxyka1bln
MD5

60e2c1fb2513b645f95e1d04c7278924
SHA1

e54d38c757be1f1a23f04a4a04ef08fe689b4e30
SHA256

5090b4e4918df75adc6989e6b5169dca03c8f705c2819b0438515ff0f7222d0f
SHA512

5a68afe3c3371ef7ad6b9e2d4d4e52d889027a415852a3ed26e30a51b0bf6e408c9a8cb911061daa01ddb5696f8be79db0c42943f1dfabf36ffb4d7abb023c80
SSDEEP

768:IpeBtNUbOERPJCYjDFypeGgvECjugkpprSLUU9UDex:IpMtSbOEdjRypeG0ZjP8OMDex

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  60e2c1fb2513b645f95e1d04c7278924_JaffaCakes118
- Size
  
  44KB
- MD5
  
  60e2c1fb2513b645f95e1d04c7278924
- SHA1
  
  e54d38c757be1f1a23f04a4a04ef08fe689b4e30
- SHA256
  
  5090b4e4918df75adc6989e6b5169dca03c8f705c2819b0438515ff0f7222d0f
- SHA512
  
  5a68afe3c3371ef7ad6b9e2d4d4e52d889027a415852a3ed26e30a51b0bf6e408c9a8cb911061daa01ddb5696f8be79db0c42943f1dfabf36ffb4d7abb023c80
- SSDEEP
  
  768:IpeBtNUbOERPJCYjDFypeGgvECjugkpprSLUU9UDex:IpMtSbOEdjRypeG0ZjP8OMDex
Score

8^/10

persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Deletes itself
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2