8c81b28a6f64517db73f55c0e2b4c2d9f5457e4ab7e441a230c115bfc9268c3a | Triage

Sharing

General

Target

954d97567f391c7123aa65184e6c5227_JaffaCakes118
Size

562KB
Sample

240814-j79abasame
MD5

954d97567f391c7123aa65184e6c5227
SHA1

db286c18ffcf7e99b1aa15a25a4aeb902cf0b1ed
SHA256

8c81b28a6f64517db73f55c0e2b4c2d9f5457e4ab7e441a230c115bfc9268c3a
SHA512

3218fb1338c52e25e7ea84ff430f2b9a3b48a19281df2cced0212139fd9e171f79214e57db506a81296f72f0871e4a1dae39ee3cf21662e9f9d6893da5fb42cf
SSDEEP

12288:sD41Agv6WEUV1VbDM4oMNJ9JSNFyR7ouUTL/I8do17GCBR6A2yjI3vEOWtK:sD41A7WvVrgCJv+FgoxqVRFjItWtK

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  954d97567f391c7123aa65184e6c5227_JaffaCakes118
- Size
  
  562KB
- MD5
  
  954d97567f391c7123aa65184e6c5227
- SHA1
  
  db286c18ffcf7e99b1aa15a25a4aeb902cf0b1ed
- SHA256
  
  8c81b28a6f64517db73f55c0e2b4c2d9f5457e4ab7e441a230c115bfc9268c3a
- SHA512
  
  3218fb1338c52e25e7ea84ff430f2b9a3b48a19281df2cced0212139fd9e171f79214e57db506a81296f72f0871e4a1dae39ee3cf21662e9f9d6893da5fb42cf
- SSDEEP
  
  12288:sD41Agv6WEUV1VbDM4oMNJ9JSNFyR7ouUTL/I8do17GCBR6A2yjI3vEOWtK:sD41A7WvVrgCJv+FgoxqVRFjItWtK
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence