ab84c6b7bad309a9af1afabb5ea73a757b9fa1df1ff4b43a5eded55f858a68c8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fb97a0bef78317e25befdf79b5c43db_JaffaCakes118
Size

548KB
Sample

240725-qhknzszhmj
MD5

6fb97a0bef78317e25befdf79b5c43db
SHA1

91878dd0b68f1742c7b39151f29afe0609bd734c
SHA256

ab84c6b7bad309a9af1afabb5ea73a757b9fa1df1ff4b43a5eded55f858a68c8
SHA512

18167ba453146f475221b06d543c892a9518c9092d1f2b5ffe3c813d93c85f85a6415fc23ec65d5ab95c9e914a891f63242d99a047e8a0655d59b32742428e6d
SSDEEP

12288:w0JeNbFMcSH1A3blchtFEonlTQD2OADe86WNl4:oBIVA3b8DBn+D2OADe8m

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  6fb97a0bef78317e25befdf79b5c43db_JaffaCakes118
- Size
  
  548KB
- MD5
  
  6fb97a0bef78317e25befdf79b5c43db
- SHA1
  
  91878dd0b68f1742c7b39151f29afe0609bd734c
- SHA256
  
  ab84c6b7bad309a9af1afabb5ea73a757b9fa1df1ff4b43a5eded55f858a68c8
- SHA512
  
  18167ba453146f475221b06d543c892a9518c9092d1f2b5ffe3c813d93c85f85a6415fc23ec65d5ab95c9e914a891f63242d99a047e8a0655d59b32742428e6d
- SSDEEP
  
  12288:w0JeNbFMcSH1A3blchtFEonlTQD2OADe86WNl4:oBIVA3b8DBn+D2OADe8m
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence