5e49fcad6d7a95781d25874242be2e8f9dd54a3eff84f65fe67dd2da05590587 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abbb8c32e31456ed12f339dde741e36b_JaffaCakes118
Size

333KB
Sample

240819-tx4besxhmq
MD5

abbb8c32e31456ed12f339dde741e36b
SHA1

a04ac9d71af03d15fa5e54d62a8da6c865409f71
SHA256

5e49fcad6d7a95781d25874242be2e8f9dd54a3eff84f65fe67dd2da05590587
SHA512

cf222a92319144d12bf1bad71cc8431feb8606fdf5cce66320945bab81d3e082cf6c38651c41928b80db7b0cad677ae700250aabdceefe3a7540293dc3ef39b4
SSDEEP

6144:kuqaINe3J9LUtu0H9Xuzim4bGzn/UpbTAQzbuD9IYizW9PQDdIpO/sDrNkPgL+A+:kFr43rS9X/SrclTAao9iS9oDUdcgLfeH

Score

5^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  abbb8c32e31456ed12f339dde741e36b_JaffaCakes118
- Size
  
  333KB
- MD5
  
  abbb8c32e31456ed12f339dde741e36b
- SHA1
  
  a04ac9d71af03d15fa5e54d62a8da6c865409f71
- SHA256
  
  5e49fcad6d7a95781d25874242be2e8f9dd54a3eff84f65fe67dd2da05590587
- SHA512
  
  cf222a92319144d12bf1bad71cc8431feb8606fdf5cce66320945bab81d3e082cf6c38651c41928b80db7b0cad677ae700250aabdceefe3a7540293dc3ef39b4
- SSDEEP
  
  6144:kuqaINe3J9LUtu0H9Xuzim4bGzn/UpbTAQzbuD9IYizW9PQDdIpO/sDrNkPgL+A+:kFr43rS9X/SrclTAao9iS9oDUdcgLfeH
Score

5^/10

discovery persistence privilege_escalation
- Boot or Logon Autostart Execution: Authentication Package
  Suspicious Windows Authentication Registry Modification.
  persistence privilege_escalation
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Authentication Package

Privilege Escalation

Boot or Logon Autostart Execution

Authentication Package

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistenceprivilege_escalation