92bd5bcbd1db0ace4bbfa1d0baa881a340886aea8a0575d868403dc726188f47 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

784b2d6d0aa73cf77d63c4e4c53f18bc_JaffaCakes118
Size

18.9MB
Sample

240727-qext5stgkd
MD5

784b2d6d0aa73cf77d63c4e4c53f18bc
SHA1

870e98f35f6f0fa2eb06ad80b4d3a58673f4898a
SHA256

92bd5bcbd1db0ace4bbfa1d0baa881a340886aea8a0575d868403dc726188f47
SHA512

3dd0fdf109db516d0ce9590b879cf49d20843f9c1c6e608806642999c989421f22f610d202fc73461028a3d30142cd08d28e10097b57cc53383a1dc11c5f6fd5
SSDEEP

98304:28haS9aLJKtrdaA6jywuCLoAm3g8HpD5gbAdhVgVqAoXU4/:2lS0NKtrdaAI/8Hp9dhO2/

Score

8^/10

discovery evasion execution persistence

Malware Config

Targets

- Target
  
  784b2d6d0aa73cf77d63c4e4c53f18bc_JaffaCakes118
- Size
  
  18.9MB
- MD5
  
  784b2d6d0aa73cf77d63c4e4c53f18bc
- SHA1
  
  870e98f35f6f0fa2eb06ad80b4d3a58673f4898a
- SHA256
  
  92bd5bcbd1db0ace4bbfa1d0baa881a340886aea8a0575d868403dc726188f47
- SHA512
  
  3dd0fdf109db516d0ce9590b879cf49d20843f9c1c6e608806642999c989421f22f610d202fc73461028a3d30142cd08d28e10097b57cc53383a1dc11c5f6fd5
- SSDEEP
  
  98304:28haS9aLJKtrdaA6jywuCLoAm3g8HpD5gbAdhVgVqAoXU4/:2lS0NKtrdaAI/8Hp9dhO2/
Score

8^/10

discovery evasion execution persistence
- Stops running service(s)
  evasion execution
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

System Services

Service Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Scheduled Task/Job

Scheduled Task

Defense Evasion

Impair Defenses

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionexecutionpersistence

behavioral2

discoveryevasionexecutionpersistence