42dfa3e1548b386df5e80cb5d832fc31223b2164d8c9be984eadecb12e38aad5 | Triage

Sharing

General

Target

0430ce44c909d9a2071461689f4c70d0_JaffaCakes118
Size

708KB
Sample

240728-a9eztaybnq
MD5

0430ce44c909d9a2071461689f4c70d0
SHA1

4905fb5bd7abab97563eb8587e6bd8c18e1bb26e
SHA256

42dfa3e1548b386df5e80cb5d832fc31223b2164d8c9be984eadecb12e38aad5
SHA512

abb5aa9534eb01d82a9c9c3909f8011d8ed688f559ea44051b50a53907c3fc1e6104daf619d8192d5a3aa906cb9f329d13e0253a64b9dc765b0a53cb35c412d1
SSDEEP

12288:gcjdpJ16Gna4Y6REllPaaAcjdpJ16Gna4Y6REllPaaF:g6dpJxZmllI6dpJxZmll9

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  0430ce44c909d9a2071461689f4c70d0_JaffaCakes118
- Size
  
  708KB
- MD5
  
  0430ce44c909d9a2071461689f4c70d0
- SHA1
  
  4905fb5bd7abab97563eb8587e6bd8c18e1bb26e
- SHA256
  
  42dfa3e1548b386df5e80cb5d832fc31223b2164d8c9be984eadecb12e38aad5
- SHA512
  
  abb5aa9534eb01d82a9c9c3909f8011d8ed688f559ea44051b50a53907c3fc1e6104daf619d8192d5a3aa906cb9f329d13e0253a64b9dc765b0a53cb35c412d1
- SSDEEP
  
  12288:gcjdpJ16Gna4Y6REllPaaAcjdpJ16Gna4Y6REllPaaF:g6dpJxZmllI6dpJxZmll9
Score

8^/10

discovery persistence
- Event Triggered Execution: Image File Execution Options Injection
  persistence
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Image File Execution Options Injection

Privilege Escalation

Event Triggered Execution

Change Default File Association

Image File Execution Options Injection

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence