1e3886cfac8c48ff0cf031fe31d1ac8fd88b81296b8702698a0c760e07665b7f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

868fca4db93d70341bef060ad62496d0_JaffaCakes118
Size

68KB
Sample

240810-sl7c9svdrk
MD5

868fca4db93d70341bef060ad62496d0
SHA1

a5945d979f0f7b5d20a008434e3aa5222da9535e
SHA256

1e3886cfac8c48ff0cf031fe31d1ac8fd88b81296b8702698a0c760e07665b7f
SHA512

196705688d90cd6a7bb36339451a0fe26b95fc2a029b0137a00a34bf09eb607ca0905272a794775a39bd025f0ed8e9e793de8ed7fbc2d9c736093990f8f26dfc
SSDEEP

1536:FNxU+W+73uSpoo3e/8+dcr2yS7ytMuh1MAHHHgc6/S:NU+W+qNo3e9Sy/K0n3/S

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  868fca4db93d70341bef060ad62496d0_JaffaCakes118
- Size
  
  68KB
- MD5
  
  868fca4db93d70341bef060ad62496d0
- SHA1
  
  a5945d979f0f7b5d20a008434e3aa5222da9535e
- SHA256
  
  1e3886cfac8c48ff0cf031fe31d1ac8fd88b81296b8702698a0c760e07665b7f
- SHA512
  
  196705688d90cd6a7bb36339451a0fe26b95fc2a029b0137a00a34bf09eb607ca0905272a794775a39bd025f0ed8e9e793de8ed7fbc2d9c736093990f8f26dfc
- SSDEEP
  
  1536:FNxU+W+73uSpoo3e/8+dcr2yS7ytMuh1MAHHHgc6/S:NU+W+qNo3e9Sy/K0n3/S
Score

8^/10

discovery persistence
- Event Triggered Execution: Image File Execution Options Injection
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Image File Execution Options Injection

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Image File Execution Options Injection

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence