d4d29b09a20f3899ad3ec2fe81e825b42ba6839bfe55502fd0624ef8e816d06b | Triage

Sharing

General

Target

a7d7225f07f69835b236240527461666_JaffaCakes118
Size

14KB
Sample

240818-xnsp4sscnj
MD5

a7d7225f07f69835b236240527461666
SHA1

12876011f9e8ce346b70d5dc8d85728ea72be54d
SHA256

d4d29b09a20f3899ad3ec2fe81e825b42ba6839bfe55502fd0624ef8e816d06b
SHA512

fd11f3f9ace7912540c3bd0083b531d21f7bb77446a6e5c1f7449a11934756678de2db6567dcd0ece47840d81ad0ac0c2abc1ab95be289ef866cfb91fc25a331
SSDEEP

384:mNW/W5FGOu7H8/D9X9wj6gHxPO/uS8i9Puej0rV:oWHqD9V2xPK89ej0rV

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  a7d7225f07f69835b236240527461666_JaffaCakes118
- Size
  
  14KB
- MD5
  
  a7d7225f07f69835b236240527461666
- SHA1
  
  12876011f9e8ce346b70d5dc8d85728ea72be54d
- SHA256
  
  d4d29b09a20f3899ad3ec2fe81e825b42ba6839bfe55502fd0624ef8e816d06b
- SHA512
  
  fd11f3f9ace7912540c3bd0083b531d21f7bb77446a6e5c1f7449a11934756678de2db6567dcd0ece47840d81ad0ac0c2abc1ab95be289ef866cfb91fc25a331
- SSDEEP
  
  384:mNW/W5FGOu7H8/D9X9wj6gHxPO/uS8i9Puej0rV:oWHqD9V2xPK89ej0rV
Score

8^/10

discovery persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence