ad582087a9e831f6a0c650a485d229c7121da9dbcd46bb6b3dcf5d4357929718 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a7f559ec10e89ad12bbe9a343b2d663_JaffaCakes118
Size

9KB
Sample

240811-qhknzs1cnm
MD5

8a7f559ec10e89ad12bbe9a343b2d663
SHA1

480581b6feb29f533b6d01a6e2eb938fa41ca422
SHA256

ad582087a9e831f6a0c650a485d229c7121da9dbcd46bb6b3dcf5d4357929718
SHA512

71d28ae3d04eddd3e2f06b957008509c212a8c8c9f177f5ec862c46513d3eeb5274ef3222130f555633f46a71741a6ac3cb9da2c8982950d1bcc203fdcf10a9a
SSDEEP

192:qnTL5341b8R4DHrPXLOodr9u1/KVBK7lR:qf90b8CPvbd41/GK7l

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  8a7f559ec10e89ad12bbe9a343b2d663_JaffaCakes118
- Size
  
  9KB
- MD5
  
  8a7f559ec10e89ad12bbe9a343b2d663
- SHA1
  
  480581b6feb29f533b6d01a6e2eb938fa41ca422
- SHA256
  
  ad582087a9e831f6a0c650a485d229c7121da9dbcd46bb6b3dcf5d4357929718
- SHA512
  
  71d28ae3d04eddd3e2f06b957008509c212a8c8c9f177f5ec862c46513d3eeb5274ef3222130f555633f46a71741a6ac3cb9da2c8982950d1bcc203fdcf10a9a
- SSDEEP
  
  192:qnTL5341b8R4DHrPXLOodr9u1/KVBK7lR:qf90b8CPvbd41/GK7l
Score

8^/10

persistence discovery
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2