f2df8b277d5903d958f41c4b81ad85b5b049cfa52be2993d7ef61fbcbcff20e3 | Triage

Sharing

General

Target

b15441fd1459605d7d1d9c3299287d5c_JaffaCakes118
Size

46KB
Sample

240820-3r9exstbmj
MD5

b15441fd1459605d7d1d9c3299287d5c
SHA1

b5ea31f02b4a9e9bfc7e4a7c95362abf7ba537b3
SHA256

f2df8b277d5903d958f41c4b81ad85b5b049cfa52be2993d7ef61fbcbcff20e3
SHA512

0ec903f93fd749804c8d97f54801eee0c6cf5c2d55da40b5377bea66e80a312c2ad3bd30300d342a7194b5aecb96ee0a4a8bb1454591e136bca3b22fe5f78d9b
SSDEEP

768:j8I/QeZObsVGWlVfyA80RaM4662zbMhEHxnK1gGLFYP0D7S3TvF15Ad:jBIeZIzWby9Szo+01gJ0D7uF3Ad

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b15441fd1459605d7d1d9c3299287d5c_JaffaCakes118
- Size
  
  46KB
- MD5
  
  b15441fd1459605d7d1d9c3299287d5c
- SHA1
  
  b5ea31f02b4a9e9bfc7e4a7c95362abf7ba537b3
- SHA256
  
  f2df8b277d5903d958f41c4b81ad85b5b049cfa52be2993d7ef61fbcbcff20e3
- SHA512
  
  0ec903f93fd749804c8d97f54801eee0c6cf5c2d55da40b5377bea66e80a312c2ad3bd30300d342a7194b5aecb96ee0a4a8bb1454591e136bca3b22fe5f78d9b
- SSDEEP
  
  768:j8I/QeZObsVGWlVfyA80RaM4662zbMhEHxnK1gGLFYP0D7S3TvF15Ad:jBIeZIzWby9Szo+01gJ0D7uF3Ad
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence