3e0a3cd4c6089ed14cd08e64ad8b4fca42408dab2687663005d98b5e47d02509 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65e39380be54af7407ba8012931a92f9_JaffaCakes118
Size

333KB
Sample

240723-djsd1avaqq
MD5

65e39380be54af7407ba8012931a92f9
SHA1

3b7b8dd04c0915f86756907b853cff71c5879c4a
SHA256

3e0a3cd4c6089ed14cd08e64ad8b4fca42408dab2687663005d98b5e47d02509
SHA512

56028362b6a78ad15191d9b174ea04de8d40a2c9e500bd835366651b891e30cf6af1b65bc74ae69e55506ab70ed35dcaf16c51082da93360a8d48e40e1f0293d
SSDEEP

6144:ouCPuoDYt8NpRqPBO3To0G9S4iXEXiuTkhw:YSOIU345SuTkw

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  65e39380be54af7407ba8012931a92f9_JaffaCakes118
- Size
  
  333KB
- MD5
  
  65e39380be54af7407ba8012931a92f9
- SHA1
  
  3b7b8dd04c0915f86756907b853cff71c5879c4a
- SHA256
  
  3e0a3cd4c6089ed14cd08e64ad8b4fca42408dab2687663005d98b5e47d02509
- SHA512
  
  56028362b6a78ad15191d9b174ea04de8d40a2c9e500bd835366651b891e30cf6af1b65bc74ae69e55506ab70ed35dcaf16c51082da93360a8d48e40e1f0293d
- SSDEEP
  
  6144:ouCPuoDYt8NpRqPBO3To0G9S4iXEXiuTkhw:YSOIU345SuTkw
Score

8^/10

evasion persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2