47140a7a68e4cfdbaf5c810b9b95ca7d79415f02b8b3936ee8cc9110d2dd46f7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61701252d671354c940bd45718da99c8_JaffaCakes118
Size

40KB
Sample

240721-z6a9wsxdrq
MD5

61701252d671354c940bd45718da99c8
SHA1

093ae3798f9eb1be52eaff99b16b2ffe6c4a352b
SHA256

47140a7a68e4cfdbaf5c810b9b95ca7d79415f02b8b3936ee8cc9110d2dd46f7
SHA512

2796813e5dd66369279c4e49be85e150c83cc29a6af6b92fdba1ef8bc970d16bf1b62188c465375e45e38d4efdab8d1ff9c1b2e63126448e39b2a0d3a62d946d
SSDEEP

768:/ly/ooD7/TRVa+AzQQRFtuvZUctgrDG94:/8/oo3/HEEQoFyDG94

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  61701252d671354c940bd45718da99c8_JaffaCakes118
- Size
  
  40KB
- MD5
  
  61701252d671354c940bd45718da99c8
- SHA1
  
  093ae3798f9eb1be52eaff99b16b2ffe6c4a352b
- SHA256
  
  47140a7a68e4cfdbaf5c810b9b95ca7d79415f02b8b3936ee8cc9110d2dd46f7
- SHA512
  
  2796813e5dd66369279c4e49be85e150c83cc29a6af6b92fdba1ef8bc970d16bf1b62188c465375e45e38d4efdab8d1ff9c1b2e63126448e39b2a0d3a62d946d
- SSDEEP
  
  768:/ly/ooD7/TRVa+AzQQRFtuvZUctgrDG94:/8/oo3/HEEQoFyDG94
Score

8^/10

persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Deletes itself
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2