b9f0771376ae48a90052befcdd18bd5a8bb20b849711e479367a2f8a2ae13368 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a55bd7a3807ae6dd15db1b48ce2a71fc_JaffaCakes118
Size

207KB
Sample

240818-exwt1svenf
MD5

a55bd7a3807ae6dd15db1b48ce2a71fc
SHA1

40aa312c0e548af6ec099456c0ee19a85fb57226
SHA256

b9f0771376ae48a90052befcdd18bd5a8bb20b849711e479367a2f8a2ae13368
SHA512

c7d7dc0a4720b1d92262c576a870ae0ba1d914d529c0eb62496512353270a425223434e8eb29881c7213a311f8027ec59f0a6bd2be140a3ad3ac6eac41526ab1
SSDEEP

3072:L5BKHhrzXWrDhxBsyzKkWTzqpnWf2qs+BUQQvO9kOpJ/j5q5UC:9UpXyz8TzqpnejfBUQQvO9kOpVo5F

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  a55bd7a3807ae6dd15db1b48ce2a71fc_JaffaCakes118
- Size
  
  207KB
- MD5
  
  a55bd7a3807ae6dd15db1b48ce2a71fc
- SHA1
  
  40aa312c0e548af6ec099456c0ee19a85fb57226
- SHA256
  
  b9f0771376ae48a90052befcdd18bd5a8bb20b849711e479367a2f8a2ae13368
- SHA512
  
  c7d7dc0a4720b1d92262c576a870ae0ba1d914d529c0eb62496512353270a425223434e8eb29881c7213a311f8027ec59f0a6bd2be140a3ad3ac6eac41526ab1
- SSDEEP
  
  3072:L5BKHhrzXWrDhxBsyzKkWTzqpnWf2qs+BUQQvO9kOpJ/j5q5UC:9UpXyz8TzqpnejfBUQQvO9kOpVo5F
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence