adcef74cd90ab33ab5ae7e77ebeba135fe44d27b19c8427731566572afcad5f6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a9a78fb53d10afa241a8e55d3a08c92a_JaffaCakes118
Size

204KB
Sample

240819-fg3s3aveph
MD5

a9a78fb53d10afa241a8e55d3a08c92a
SHA1

15904a1c7f2087f354dcfcee7ff62a264466bf25
SHA256

adcef74cd90ab33ab5ae7e77ebeba135fe44d27b19c8427731566572afcad5f6
SHA512

f97781e1e44d115cf9b39112c1bc1fa8f90c2dd3e80401e73121bacb1ad2994388ef4856d918fa89bcce1b65b3c0e7a129b892185d519ef31b30a735e141096b
SSDEEP

3072:Zkep32bFusWQrHdtG7A0E2EEjP7/aOGC3AULsAsFEMQMwGTUC:Zkep3eFusWIt/TejP7/a+3AULsAsFm

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  a9a78fb53d10afa241a8e55d3a08c92a_JaffaCakes118
- Size
  
  204KB
- MD5
  
  a9a78fb53d10afa241a8e55d3a08c92a
- SHA1
  
  15904a1c7f2087f354dcfcee7ff62a264466bf25
- SHA256
  
  adcef74cd90ab33ab5ae7e77ebeba135fe44d27b19c8427731566572afcad5f6
- SHA512
  
  f97781e1e44d115cf9b39112c1bc1fa8f90c2dd3e80401e73121bacb1ad2994388ef4856d918fa89bcce1b65b3c0e7a129b892185d519ef31b30a735e141096b
- SSDEEP
  
  3072:Zkep32bFusWQrHdtG7A0E2EEjP7/aOGC3AULsAsFEMQMwGTUC:Zkep3eFusWIt/TejP7/a+3AULsAsFm
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence