8e546468864a30020f2d10fb4f0f7cb147cde42e8c7542cb3819ee97f9223e5d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

677c65a49096458fe3aeafda9c67ad90_JaffaCakes118
Size

112KB
Sample

240723-n2q9rsvakf
MD5

677c65a49096458fe3aeafda9c67ad90
SHA1

15b6809b1fc90cbceedb66812909d5a7ac84d3ba
SHA256

8e546468864a30020f2d10fb4f0f7cb147cde42e8c7542cb3819ee97f9223e5d
SHA512

a67ce3a6f817a385d7af57d64b738f93b7664c8e30d3da0e188fa49a7c68f1851ea2ffab634f0342f018a58012c3971d18917df2cdc82c2805ecd27be36a2833
SSDEEP

768:8RwE0lofsmEyElnfj3DDvLaJhhjAxj5nO4rGQzTGfmgc33emu4v/eo4z7VP7LdG9:8RwEuofo74qqQVgd54vz

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  677c65a49096458fe3aeafda9c67ad90_JaffaCakes118
- Size
  
  112KB
- MD5
  
  677c65a49096458fe3aeafda9c67ad90
- SHA1
  
  15b6809b1fc90cbceedb66812909d5a7ac84d3ba
- SHA256
  
  8e546468864a30020f2d10fb4f0f7cb147cde42e8c7542cb3819ee97f9223e5d
- SHA512
  
  a67ce3a6f817a385d7af57d64b738f93b7664c8e30d3da0e188fa49a7c68f1851ea2ffab634f0342f018a58012c3971d18917df2cdc82c2805ecd27be36a2833
- SSDEEP
  
  768:8RwE0lofsmEyElnfj3DDvLaJhhjAxj5nO4rGQzTGfmgc33emu4v/eo4z7VP7LdG9:8RwEuofo74qqQVgd54vz
Score

8^/10

evasion persistence
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence