1e0ed721040c2e3d63c845ac6d932eff5162d3a6eb24689e687cae30985951d9 | Triage

Sharing

General

Target

a46551c1bdab3a0c923503e7fa16778f_JaffaCakes118
Size

219KB
Sample

240817-2fdy7s1cjh
MD5

a46551c1bdab3a0c923503e7fa16778f
SHA1

602813cb29471b62dcd8da065a7fa872a523a6d5
SHA256

1e0ed721040c2e3d63c845ac6d932eff5162d3a6eb24689e687cae30985951d9
SHA512

e7185b53674002f742810d4cb0f858f3e0f8c65fc89ae62ed049d2dddc61b43c3e5a7f722843e08d672c953ef88bfc7afa453af8a17d71925b85182491b5d7c3
SSDEEP

3072:Zk6/SAnzOr3uP7qoArkUh//ko1ccfCTR9gjOIA4pWC:C6/zKiPUNT1cACTfgjd1AC

Score

10^/10

discovery persistence

Malware Config

Extracted

Credentials

Protocol: smtp
Host:
smtp.gmail.com
Port:
587
Username:
[email protected]
Password:
***098***

Targets

- Target
  
  a46551c1bdab3a0c923503e7fa16778f_JaffaCakes118
- Size
  
  219KB
- MD5
  
  a46551c1bdab3a0c923503e7fa16778f
- SHA1
  
  602813cb29471b62dcd8da065a7fa872a523a6d5
- SHA256
  
  1e0ed721040c2e3d63c845ac6d932eff5162d3a6eb24689e687cae30985951d9
- SHA512
  
  e7185b53674002f742810d4cb0f858f3e0f8c65fc89ae62ed049d2dddc61b43c3e5a7f722843e08d672c953ef88bfc7afa453af8a17d71925b85182491b5d7c3
- SSDEEP
  
  3072:Zk6/SAnzOr3uP7qoArkUh//ko1ccfCTR9gjOIA4pWC:C6/zKiPUNT1cACTfgjd1AC
Score

10^/10

discovery persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence