26fc7c213cb8ccfad7cef246ba47249b2c800687b4597e817e3a359f06ea1845 | Triage

Sharing

General

Target

a2f78c24593ef4b4660d2adec060acc8_JaffaCakes118
Size

48KB
Sample

240817-r6r9ea1dlc
MD5

a2f78c24593ef4b4660d2adec060acc8
SHA1

78489033421f2eb5f325b69c08027778da7d55f6
SHA256

26fc7c213cb8ccfad7cef246ba47249b2c800687b4597e817e3a359f06ea1845
SHA512

3c47a9d3d9d755a252335e93786c02faa54ee382a3d87c5c4015ef61782adcd9f3569113a0b87681fb128722436246dc88f15d60f0c52a16d061c5f32bafde97
SSDEEP

768:oK2f1pfN8B7Zqf+Rbnh5PaUYzdaMIYQz86CHiPiBFTCk9TO7nESmjid1Trqfd0wa:oKgHuNqabn9mk2TC053jQ1Tr22wOMgf

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  a2f78c24593ef4b4660d2adec060acc8_JaffaCakes118
- Size
  
  48KB
- MD5
  
  a2f78c24593ef4b4660d2adec060acc8
- SHA1
  
  78489033421f2eb5f325b69c08027778da7d55f6
- SHA256
  
  26fc7c213cb8ccfad7cef246ba47249b2c800687b4597e817e3a359f06ea1845
- SHA512
  
  3c47a9d3d9d755a252335e93786c02faa54ee382a3d87c5c4015ef61782adcd9f3569113a0b87681fb128722436246dc88f15d60f0c52a16d061c5f32bafde97
- SSDEEP
  
  768:oK2f1pfN8B7Zqf+Rbnh5PaUYzdaMIYQz86CHiPiBFTCk9TO7nESmjid1Trqfd0wa:oKgHuNqabn9mk2TC053jQ1Tr22wOMgf
Score

8^/10

discovery persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence