916a00691455ad9de3a1ab81858c6b01e7146e492764349bb40fbd7c87afc2f3 | Triage

Sharing

General

Target

821badfa799c2792e6fe915135dc56d6_JaffaCakes118
Size

49KB
Sample

240801-27ygxsweja
MD5

821badfa799c2792e6fe915135dc56d6
SHA1

284aed5a0dd3c7e40f4545058f58c25ae84188b8
SHA256

916a00691455ad9de3a1ab81858c6b01e7146e492764349bb40fbd7c87afc2f3
SHA512

57a124e47857fb32a3f980a8202e8efce1028f15343c677dde18b40406d6242c57ab940257d751698de760fb782787348d7b28e78438e3ee520c1e3c2b7dd7a5
SSDEEP

1536:tbCHPYSc2UdDyZWCiLT/kcKs7LFFNo/oUC:wHPNcdMMLT/RpFr

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  821badfa799c2792e6fe915135dc56d6_JaffaCakes118
- Size
  
  49KB
- MD5
  
  821badfa799c2792e6fe915135dc56d6
- SHA1
  
  284aed5a0dd3c7e40f4545058f58c25ae84188b8
- SHA256
  
  916a00691455ad9de3a1ab81858c6b01e7146e492764349bb40fbd7c87afc2f3
- SHA512
  
  57a124e47857fb32a3f980a8202e8efce1028f15343c677dde18b40406d6242c57ab940257d751698de760fb782787348d7b28e78438e3ee520c1e3c2b7dd7a5
- SSDEEP
  
  1536:tbCHPYSc2UdDyZWCiLT/kcKs7LFFNo/oUC:wHPNcdMMLT/RpFr
Score

8^/10

discovery persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence