dc87c8a895765c42de799359b51701190466e2a0884a8ec3a0560bf4713b434f | Triage

Sharing

General

Target

85327b326830a26595a5e97f793c1992_JaffaCakes118
Size

6KB
Sample

240810-hteywazemn
MD5

85327b326830a26595a5e97f793c1992
SHA1

ab292ab6f0ae7944bedcb0ceda713df1bb42f730
SHA256

dc87c8a895765c42de799359b51701190466e2a0884a8ec3a0560bf4713b434f
SHA512

970b8e1b658b595a236a498d9cf8378f356d528358874bb7550a0ef0c5ca9482df2fd5e96e46f4922fb7ff996a1c4d3b2b920a250f8342f87c67f406ece1bd81
SSDEEP

96:LujNp/gV38iiUbffFPBQzKDsphXToeYHpt86op/g9zYA3iU8:LKL4MIb3BsasphXTPYUbKztSn

Score

7^/10

defense_evasion discovery persistence

Malware Config

Targets

- Target
  
  85327b326830a26595a5e97f793c1992_JaffaCakes118
- Size
  
  6KB
- MD5
  
  85327b326830a26595a5e97f793c1992
- SHA1
  
  ab292ab6f0ae7944bedcb0ceda713df1bb42f730
- SHA256
  
  dc87c8a895765c42de799359b51701190466e2a0884a8ec3a0560bf4713b434f
- SHA512
  
  970b8e1b658b595a236a498d9cf8378f356d528358874bb7550a0ef0c5ca9482df2fd5e96e46f4922fb7ff996a1c4d3b2b920a250f8342f87c67f406ece1bd81
- SSDEEP
  
  96:LujNp/gV38iiUbffFPBQzKDsphXToeYHpt86op/g9zYA3iU8:LKL4MIb3BsasphXTPYUbKztSn
Score

7^/10

defense_evasion discovery persistence
- Deletes itself
- Adds Run key to start application
  persistence
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Indicator Removal

File Deletion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverypersistence

behavioral2