8dc07459a5829d0a1b2efeccf9c346f0d816c120bc244d298096e86b81b7745b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4625af8eaf58d9291970715e5065641_JaffaCakes118
Size

160KB
Sample

240821-v5hv5a1gnd
MD5

b4625af8eaf58d9291970715e5065641
SHA1

db59b5a61b196f956ad89ee09acfa6f023bba8d3
SHA256

8dc07459a5829d0a1b2efeccf9c346f0d816c120bc244d298096e86b81b7745b
SHA512

bcaa5013eb77567a7a83cda1b12a18c5d26c6ce2c23c7829f041b9e97443edf50b4d36b6e967fe2c57c6d917c7ac6d2481d314235cc3dd8b3318118aa531b185
SSDEEP

3072:DHY+Z1lCC42XS/A19sZFTYNNL9cdGabV8024X3DEtdqLe/JQXQEYcTVeaFePODW2:DHYWlCC420GsZNo9obV1bX32Qa/KQEdj

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  b4625af8eaf58d9291970715e5065641_JaffaCakes118
- Size
  
  160KB
- MD5
  
  b4625af8eaf58d9291970715e5065641
- SHA1
  
  db59b5a61b196f956ad89ee09acfa6f023bba8d3
- SHA256
  
  8dc07459a5829d0a1b2efeccf9c346f0d816c120bc244d298096e86b81b7745b
- SHA512
  
  bcaa5013eb77567a7a83cda1b12a18c5d26c6ce2c23c7829f041b9e97443edf50b4d36b6e967fe2c57c6d917c7ac6d2481d314235cc3dd8b3318118aa531b185
- SSDEEP
  
  3072:DHY+Z1lCC42XS/A19sZFTYNNL9cdGabV8024X3DEtdqLe/JQXQEYcTVeaFePODW2:DHYWlCC420GsZNo9obV1bX32Qa/KQEdj
Score

8^/10

discovery persistence
- Drops file in Drivers directory
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence