74e263c6395ea8d5fe3727a49233fe668574e658c3d015232f04acb3212156ec | Triage

Sharing

General

Target

a0dd1dbf4c994bf9ff720f2fb3904a63_JaffaCakes118
Size

4.6MB
Sample

240817-cwfejasbme
MD5

a0dd1dbf4c994bf9ff720f2fb3904a63
SHA1

a7cc489bb4f11acee8f4acc43ea4fa3024d982eb
SHA256

74e263c6395ea8d5fe3727a49233fe668574e658c3d015232f04acb3212156ec
SHA512

37f114e9efb669ef95e50995cd7bebfbceaa2895f470b88f71a16659433a9a35333ef9337ecd2431c0b0d0bc2932822f8fd64f17f1dbe9fd3aad1542b5193a40
SSDEEP

98304:LAS0VNkU6a9Ijnea421UY95lUkrGYsUFNCpr:LASMkU6a9zb29HaHgCp

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  a0dd1dbf4c994bf9ff720f2fb3904a63_JaffaCakes118
- Size
  
  4.6MB
- MD5
  
  a0dd1dbf4c994bf9ff720f2fb3904a63
- SHA1
  
  a7cc489bb4f11acee8f4acc43ea4fa3024d982eb
- SHA256
  
  74e263c6395ea8d5fe3727a49233fe668574e658c3d015232f04acb3212156ec
- SHA512
  
  37f114e9efb669ef95e50995cd7bebfbceaa2895f470b88f71a16659433a9a35333ef9337ecd2431c0b0d0bc2932822f8fd64f17f1dbe9fd3aad1542b5193a40
- SSDEEP
  
  98304:LAS0VNkU6a9Ijnea421UY95lUkrGYsUFNCpr:LASMkU6a9zb29HaHgCp
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2