29d3d7ba82ef6982516a3d83160d15fc72dda64efa0dc046e56eeaa23b910853 | Triage

Sharing

General

Target

81c07e6bd8aff90cf677c928421f5040_JaffaCakes118
Size

486KB
Sample

240801-zd2alszgld
MD5

81c07e6bd8aff90cf677c928421f5040
SHA1

9e3b30806068a7cbcf45d071e21bd5d185f38080
SHA256

29d3d7ba82ef6982516a3d83160d15fc72dda64efa0dc046e56eeaa23b910853
SHA512

1b5a41de295f8f543ffcc16ae8b7545bfebd42944d21f0666aada7c7d709cb273b6dbdfa06f47383797b2b4c2f83c87b6ebe72cec09ae88664c22bf79147d3f8
SSDEEP

12288:hS0rFsB4171IZqevP7uQ5kpv7pN+42QPp1K5QlG+1BuUQSfcEiP/3IWVB/ux8cge:LFsB4171IZGVN+42Apg+bI/0

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  81c07e6bd8aff90cf677c928421f5040_JaffaCakes118
- Size
  
  486KB
- MD5
  
  81c07e6bd8aff90cf677c928421f5040
- SHA1
  
  9e3b30806068a7cbcf45d071e21bd5d185f38080
- SHA256
  
  29d3d7ba82ef6982516a3d83160d15fc72dda64efa0dc046e56eeaa23b910853
- SHA512
  
  1b5a41de295f8f543ffcc16ae8b7545bfebd42944d21f0666aada7c7d709cb273b6dbdfa06f47383797b2b4c2f83c87b6ebe72cec09ae88664c22bf79147d3f8
- SSDEEP
  
  12288:hS0rFsB4171IZqevP7uQ5kpv7pN+42QPp1K5QlG+1BuUQSfcEiP/3IWVB/ux8cge:LFsB4171IZGVN+42Apg+bI/0
Score

6^/10

persistence discovery
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence