a3948b7e4771ef4445a84f889e5ae50f888242d7d6f5691ec14979c14aa06482 | Triage

Sharing

General

Target

83ff28e68eba6a7e49f2c5ff6047f3d8_JaffaCakes118
Size

384KB
Sample

240809-3ktqwsygpc
MD5

83ff28e68eba6a7e49f2c5ff6047f3d8
SHA1

63eb7f919e8840e93d4679f943fc07d547854a59
SHA256

a3948b7e4771ef4445a84f889e5ae50f888242d7d6f5691ec14979c14aa06482
SHA512

a75d468c9f2c3af01e575d3a372bd0425aee668074179e32cfbed53e15fb396642b1b3fc66e5eb08af2b1dffac799da2e43936cb66d043ba3d8d94b3c45f3b88
SSDEEP

3072:N6dpLVRZfl1AUHz26YqQUssACQ+3D9L1QuBKvo8owpa5Y1gHi6qpaJftMW/n6uyg:uphQ/8T9L1QuKo8dpaySJqpap/6uy

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  83ff28e68eba6a7e49f2c5ff6047f3d8_JaffaCakes118
- Size
  
  384KB
- MD5
  
  83ff28e68eba6a7e49f2c5ff6047f3d8
- SHA1
  
  63eb7f919e8840e93d4679f943fc07d547854a59
- SHA256
  
  a3948b7e4771ef4445a84f889e5ae50f888242d7d6f5691ec14979c14aa06482
- SHA512
  
  a75d468c9f2c3af01e575d3a372bd0425aee668074179e32cfbed53e15fb396642b1b3fc66e5eb08af2b1dffac799da2e43936cb66d043ba3d8d94b3c45f3b88
- SSDEEP
  
  3072:N6dpLVRZfl1AUHz26YqQUssACQ+3D9L1QuBKvo8owpa5Y1gHi6qpaJftMW/n6uyg:uphQ/8T9L1QuKo8dpaySJqpap/6uy
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence