f84e452ab2a7a2eab3b47a74fcf7e88f3a6f2a7cc8b0399da062adbe92497d78 | Triage

Sharing

General

Target

041ef0cd8731e7e9bd0c35f6e16d2807_JaffaCakes118
Size

450KB
Sample

240728-a7ntyayaqm
MD5

041ef0cd8731e7e9bd0c35f6e16d2807
SHA1

b506a49f244359bf5062665271d773bd595c4570
SHA256

f84e452ab2a7a2eab3b47a74fcf7e88f3a6f2a7cc8b0399da062adbe92497d78
SHA512

affe94963e905441a002e97edb39ba64d304e8e0504d67b155e7fbdc1e4e1ab8c5041145a2970c88366754fe062ce70486e42d360c4aa51d99f506a6b8159df9
SSDEEP

6144:8EicAkEicAKKJNfTxo2i4Qiza4O7N68XEicAkEicAKKJNfTxo2i4Qiza4O7N686:gc7ctKJ16Gna4Y6Uc7ctKJ16Gna4Y6h

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  041ef0cd8731e7e9bd0c35f6e16d2807_JaffaCakes118
- Size
  
  450KB
- MD5
  
  041ef0cd8731e7e9bd0c35f6e16d2807
- SHA1
  
  b506a49f244359bf5062665271d773bd595c4570
- SHA256
  
  f84e452ab2a7a2eab3b47a74fcf7e88f3a6f2a7cc8b0399da062adbe92497d78
- SHA512
  
  affe94963e905441a002e97edb39ba64d304e8e0504d67b155e7fbdc1e4e1ab8c5041145a2970c88366754fe062ce70486e42d360c4aa51d99f506a6b8159df9
- SSDEEP
  
  6144:8EicAkEicAKKJNfTxo2i4Qiza4O7N68XEicAkEicAKKJNfTxo2i4Qiza4O7N686:gc7ctKJ16Gna4Y6Uc7ctKJ16Gna4Y6h
Score

8^/10

discovery persistence
- Event Triggered Execution: Image File Execution Options Injection
  persistence
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Image File Execution Options Injection

Privilege Escalation

Event Triggered Execution

Change Default File Association

Image File Execution Options Injection

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence