0c1bc87a35b42d8dbdc0a489a28b35fa962e3ccc4dad8e9e1f79b15073c6a61f | Triage

Sharing

General

Target

6fc3c3ceddec9c2ecf79416d4150f956_JaffaCakes118
Size

41KB
Sample

240725-qqvtxstgjb
MD5

6fc3c3ceddec9c2ecf79416d4150f956
SHA1

c10c0ed17d5507dad9a5e69571eb6f6d0eb9a26b
SHA256

0c1bc87a35b42d8dbdc0a489a28b35fa962e3ccc4dad8e9e1f79b15073c6a61f
SHA512

91092aac4a9bc7cca8c46da54260e4fd845deb201f1fcc89b966c9debe9f49f3e389aef759e37a99d79c6c1e5b2de4d12818810097b6e486d1ef0fa8a5bb1708
SSDEEP

768:GFlFe8CbJOktyX/wFnFCjiRJ6taWyuQhkWdeTMIp+7unmgUVQOfCE:GFlFe4X/wFFC0JOFyFhkGeTMRudVOfC

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  6fc3c3ceddec9c2ecf79416d4150f956_JaffaCakes118
- Size
  
  41KB
- MD5
  
  6fc3c3ceddec9c2ecf79416d4150f956
- SHA1
  
  c10c0ed17d5507dad9a5e69571eb6f6d0eb9a26b
- SHA256
  
  0c1bc87a35b42d8dbdc0a489a28b35fa962e3ccc4dad8e9e1f79b15073c6a61f
- SHA512
  
  91092aac4a9bc7cca8c46da54260e4fd845deb201f1fcc89b966c9debe9f49f3e389aef759e37a99d79c6c1e5b2de4d12818810097b6e486d1ef0fa8a5bb1708
- SSDEEP
  
  768:GFlFe8CbJOktyX/wFnFCjiRJ6taWyuQhkWdeTMIp+7unmgUVQOfCE:GFlFe4X/wFFC0JOFyFhkGeTMRudVOfC
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence