963a84dcdddcdd37455c9eb1c1bf28a19543af6b06e5ad38cc01fdf95112a82b | Triage

Sharing

General

Target

70becffdf2b12b7ec3d53c0fcca1630e_JaffaCakes118
Size

36KB
Sample

240725-w5mpraxajp
MD5

70becffdf2b12b7ec3d53c0fcca1630e
SHA1

53500e57ac7861db5b568eab373a1ed70eeeaf87
SHA256

963a84dcdddcdd37455c9eb1c1bf28a19543af6b06e5ad38cc01fdf95112a82b
SHA512

4397b77ff68a94e05a64d96125992d08f9a508e65801e924794f3d531cb929e072e6742e6df3349e0de62d274ee5de5cb0a510a4687c3af50ada1d0888eaa2e4
SSDEEP

768:57M53+uR7IalxCNYX5LDLexCGGUewvApVBukfIGt96pxHc:57a3TuamNY9DLGFYXBF96pS

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  70becffdf2b12b7ec3d53c0fcca1630e_JaffaCakes118
- Size
  
  36KB
- MD5
  
  70becffdf2b12b7ec3d53c0fcca1630e
- SHA1
  
  53500e57ac7861db5b568eab373a1ed70eeeaf87
- SHA256
  
  963a84dcdddcdd37455c9eb1c1bf28a19543af6b06e5ad38cc01fdf95112a82b
- SHA512
  
  4397b77ff68a94e05a64d96125992d08f9a508e65801e924794f3d531cb929e072e6742e6df3349e0de62d274ee5de5cb0a510a4687c3af50ada1d0888eaa2e4
- SSDEEP
  
  768:57M53+uR7IalxCNYX5LDLexCGGUewvApVBukfIGt96pxHc:57a3TuamNY9DLGFYXBF96pS
Score

8^/10

discovery persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2