b50cabda0dddc196e04f9840429380f0adf905ed9c2af9c217dc9a5ec7942fb9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b031b29f7f9c4eb83ebafc1a49a787c_JaffaCakes118
Size

126KB
Sample

240811-tg87qswfqk
MD5

8b031b29f7f9c4eb83ebafc1a49a787c
SHA1

f1fa2438fb0c3e6d79b2cf412f18ae0eaef23fc6
SHA256

b50cabda0dddc196e04f9840429380f0adf905ed9c2af9c217dc9a5ec7942fb9
SHA512

ef098121a32620fece70145e4d9ae47f12e4ef7bd0d3cca49141ec3b7f49efc5aba0f8cc224830fcbddbb1fe17fd9c5654c89c02d523dfc26eab3012924dc7ee
SSDEEP

1536:EVZ/5DMlPl/8K+tBmt7JNdkKAI+q6A2DgOwY6pQLG3s3wEIg8RhWusKQxnDcFqTa:ET/+VdLtJNolkwudEIgiisoWpoa1Xv

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  8b031b29f7f9c4eb83ebafc1a49a787c_JaffaCakes118
- Size
  
  126KB
- MD5
  
  8b031b29f7f9c4eb83ebafc1a49a787c
- SHA1
  
  f1fa2438fb0c3e6d79b2cf412f18ae0eaef23fc6
- SHA256
  
  b50cabda0dddc196e04f9840429380f0adf905ed9c2af9c217dc9a5ec7942fb9
- SHA512
  
  ef098121a32620fece70145e4d9ae47f12e4ef7bd0d3cca49141ec3b7f49efc5aba0f8cc224830fcbddbb1fe17fd9c5654c89c02d523dfc26eab3012924dc7ee
- SSDEEP
  
  1536:EVZ/5DMlPl/8K+tBmt7JNdkKAI+q6A2DgOwY6pQLG3s3wEIg8RhWusKQxnDcFqTa:ET/+VdLtJNolkwudEIgiisoWpoa1Xv
Score

8^/10

discovery persistence
- Blocklisted process makes network request
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2