52bcb82d48f2b9bdae24177b9897bb0207b48c0dbbbc67b665acd24427f7c8cd | Triage

Sharing

General

Target

a6201fecae55a6a5321eeb8c1de46f41_JaffaCakes118
Size

288KB
Sample

240818-kpsqaaycnn
MD5

a6201fecae55a6a5321eeb8c1de46f41
SHA1

6df8c4dd57eb36bebb6f165582b2886c7c46790b
SHA256

52bcb82d48f2b9bdae24177b9897bb0207b48c0dbbbc67b665acd24427f7c8cd
SHA512

a56f90c204f1ff6a37f9db79315e22c10c6b2d58ed67da04e2a6a9f1769d004d0850ccc018d776a6692f0ae96f9f47109064075f5dbf57ea9cec6acae04e9686
SSDEEP

3072:U/bh5Mchmuk0VyShtPdIuG8UvahsdcYX3UI2EuJ3im/ZCdady+RlTp/VYq63+s:U/bBhmkPBUyhsdEI2++M+RlTHY

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  a6201fecae55a6a5321eeb8c1de46f41_JaffaCakes118
- Size
  
  288KB
- MD5
  
  a6201fecae55a6a5321eeb8c1de46f41
- SHA1
  
  6df8c4dd57eb36bebb6f165582b2886c7c46790b
- SHA256
  
  52bcb82d48f2b9bdae24177b9897bb0207b48c0dbbbc67b665acd24427f7c8cd
- SHA512
  
  a56f90c204f1ff6a37f9db79315e22c10c6b2d58ed67da04e2a6a9f1769d004d0850ccc018d776a6692f0ae96f9f47109064075f5dbf57ea9cec6acae04e9686
- SSDEEP
  
  3072:U/bh5Mchmuk0VyShtPdIuG8UvahsdcYX3UI2EuJ3im/ZCdady+RlTp/VYq63+s:U/bBhmkPBUyhsdEI2++M+RlTHY
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence