5057b150f678eea2bf2701ca113bcdd218740fc7f62d55bccf4019c55d026e40 | Triage

Sharing

General

Target

b355f826c1167be301b4a3535d2286fe_JaffaCakes118
Size

68KB
Sample

240821-nxme1swgnb
MD5

b355f826c1167be301b4a3535d2286fe
SHA1

f622441e71895c957d81bca051f90fa5fffe728e
SHA256

5057b150f678eea2bf2701ca113bcdd218740fc7f62d55bccf4019c55d026e40
SHA512

cd667667772fae2e0c7ee3f1f1308b3589af9b1f22f7027bc35fbcd7a31e219255b5da17be16d8200935f73ac33872a7d5e0c9a7eb80a0b28c77be76d8750545
SSDEEP

1536:xMnqCNgCvgKEzCwOx/qEmlWvxNX+9Q18vJJOFbDE9JUCE8FrHgWwxpArIMXbo0vI:xs9gCvgKEzCwOx/qEaWvxNX+9Q18vJJC

Score

8^/10

discovery evasion persistence

Malware Config

Targets

- Target
  
  b355f826c1167be301b4a3535d2286fe_JaffaCakes118
- Size
  
  68KB
- MD5
  
  b355f826c1167be301b4a3535d2286fe
- SHA1
  
  f622441e71895c957d81bca051f90fa5fffe728e
- SHA256
  
  5057b150f678eea2bf2701ca113bcdd218740fc7f62d55bccf4019c55d026e40
- SHA512
  
  cd667667772fae2e0c7ee3f1f1308b3589af9b1f22f7027bc35fbcd7a31e219255b5da17be16d8200935f73ac33872a7d5e0c9a7eb80a0b28c77be76d8750545
- SSDEEP
  
  1536:xMnqCNgCvgKEzCwOx/qEmlWvxNX+9Q18vJJOFbDE9JUCE8FrHgWwxpArIMXbo0vI:xs9gCvgKEzCwOx/qEaWvxNX+9Q18vJJC
Score

8^/10

discovery evasion persistence
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

discoveryevasionpersistence