56bf6976b24cf5405e5ba828a49c476cdfa42504e95bfaa95990e9f2c7c5893a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8778e46518ad9404df9a489be25e8737_JaffaCakes118
Size

48KB
Sample

240810-yskqqswamp
MD5

8778e46518ad9404df9a489be25e8737
SHA1

542a90c638985aa0c282131672eddc1a7d1d5f18
SHA256

56bf6976b24cf5405e5ba828a49c476cdfa42504e95bfaa95990e9f2c7c5893a
SHA512

38dbc0889206603f3645a20c75ba680e5a10e3c6256ce1b669b9f305d11539888bf9641f591bb94162233b869ff566e35af53f24e3284f0e9e350e553296f712
SSDEEP

384:NeHwdDKEF7mH+qWL5O89T0ctgu8WO+JYJ/JHStAbqJME9dFk0NWXYCcWn45zLTkS:NeHwEw/5N0kdwUdcY7H5r

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  8778e46518ad9404df9a489be25e8737_JaffaCakes118
- Size
  
  48KB
- MD5
  
  8778e46518ad9404df9a489be25e8737
- SHA1
  
  542a90c638985aa0c282131672eddc1a7d1d5f18
- SHA256
  
  56bf6976b24cf5405e5ba828a49c476cdfa42504e95bfaa95990e9f2c7c5893a
- SHA512
  
  38dbc0889206603f3645a20c75ba680e5a10e3c6256ce1b669b9f305d11539888bf9641f591bb94162233b869ff566e35af53f24e3284f0e9e350e553296f712
- SSDEEP
  
  384:NeHwdDKEF7mH+qWL5O89T0ctgu8WO+JYJ/JHStAbqJME9dFk0NWXYCcWn45zLTkS:NeHwEw/5N0kdwUdcY7H5r
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence