2be666e810f852aa54333425a40753bec5bf412903a3659ea8976fcea06e9585 | Triage

Sharing

General

Target

760baf3dde06e9de362a7d36054749dc_JaffaCakes118
Size

16KB
Sample

240726-2plqeazbml
MD5

760baf3dde06e9de362a7d36054749dc
SHA1

019899d20dbcf43644f316485bf87701d1bb16f3
SHA256

2be666e810f852aa54333425a40753bec5bf412903a3659ea8976fcea06e9585
SHA512

0b6ff7d6b80d994d164aee2877188849405b213df9653f357c1b5db20f85519bbf82e698996005bb6037e1dd634f753b829729285565c82353e3ff2c550b175b
SSDEEP

384:meW/Wu1BGOusV5iQalskxd6RHoPa8dnZfVQFxo7:+/VUQaGe6Bwa8PfVQFg

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  760baf3dde06e9de362a7d36054749dc_JaffaCakes118
- Size
  
  16KB
- MD5
  
  760baf3dde06e9de362a7d36054749dc
- SHA1
  
  019899d20dbcf43644f316485bf87701d1bb16f3
- SHA256
  
  2be666e810f852aa54333425a40753bec5bf412903a3659ea8976fcea06e9585
- SHA512
  
  0b6ff7d6b80d994d164aee2877188849405b213df9653f357c1b5db20f85519bbf82e698996005bb6037e1dd634f753b829729285565c82353e3ff2c550b175b
- SSDEEP
  
  384:meW/Wu1BGOusV5iQalskxd6RHoPa8dnZfVQFxo7:+/VUQaGe6Bwa8PfVQFg
Score

8^/10

discovery persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence