1b962ea52d56d3e2b3cf54f05b755cfa4c1b625eb1c4757b4af8a7693c0b27b3 | Triage

Sharing

General

Target

68a335af0ee6edfddb423c1b5f589a20_JaffaCakes118
Size

111KB
Sample

240723-yapxqstfnk
MD5

68a335af0ee6edfddb423c1b5f589a20
SHA1

9b08d8fa455b55b9746f9fec1dc3a57dd2c6e57e
SHA256

1b962ea52d56d3e2b3cf54f05b755cfa4c1b625eb1c4757b4af8a7693c0b27b3
SHA512

d385c570afa878705b1b73046a6d5f3839d05708e7fd6ead3d6d09921400270c379916ce4f7381514d265b1074360745ad0bfaa1428be3014c61d61bf4799301
SSDEEP

3072:TGu99lfzqIbXWm+w0JP5D/PhZkhQ2TPE:T/cuo9BZ2T

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  68a335af0ee6edfddb423c1b5f589a20_JaffaCakes118
- Size
  
  111KB
- MD5
  
  68a335af0ee6edfddb423c1b5f589a20
- SHA1
  
  9b08d8fa455b55b9746f9fec1dc3a57dd2c6e57e
- SHA256
  
  1b962ea52d56d3e2b3cf54f05b755cfa4c1b625eb1c4757b4af8a7693c0b27b3
- SHA512
  
  d385c570afa878705b1b73046a6d5f3839d05708e7fd6ead3d6d09921400270c379916ce4f7381514d265b1074360745ad0bfaa1428be3014c61d61bf4799301
- SSDEEP
  
  3072:TGu99lfzqIbXWm+w0JP5D/PhZkhQ2TPE:T/cuo9BZ2T
Score

7^/10

discovery persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence