516a0a49cdb88b46293b28ab5a64dc3b1f7615cd6803d0a85f15c7e57480bbc3 | Triage

Sharing

General

Target

b473d15570eeb12206dab6ea9a345526_JaffaCakes118
Size

17KB
Sample

240821-wjc87awdkj
MD5

b473d15570eeb12206dab6ea9a345526
SHA1

65a6961a675636d0b2eae0270f61f4c786d80c25
SHA256

516a0a49cdb88b46293b28ab5a64dc3b1f7615cd6803d0a85f15c7e57480bbc3
SHA512

a912b7116de88204e902aabfe7f3bee9fa512c035dbd78838f43e5ff52c0e3dfda4614b5fff976d3fb0114a0fe760ed6e0244f861dd604045fb0288881eedcb8
SSDEEP

384:Z4P9oeN42IMzomTiwbUHP9lK7GlVzstINIaPbnFw:eP9/NrIM1lUHP9AGlVItIuaPbn

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  b473d15570eeb12206dab6ea9a345526_JaffaCakes118
- Size
  
  17KB
- MD5
  
  b473d15570eeb12206dab6ea9a345526
- SHA1
  
  65a6961a675636d0b2eae0270f61f4c786d80c25
- SHA256
  
  516a0a49cdb88b46293b28ab5a64dc3b1f7615cd6803d0a85f15c7e57480bbc3
- SHA512
  
  a912b7116de88204e902aabfe7f3bee9fa512c035dbd78838f43e5ff52c0e3dfda4614b5fff976d3fb0114a0fe760ed6e0244f861dd604045fb0288881eedcb8
- SSDEEP
  
  384:Z4P9oeN42IMzomTiwbUHP9lK7GlVzstINIaPbnFw:eP9/NrIM1lUHP9AGlVItIuaPbn
Score

8^/10

discovery persistence
- Drops file in Drivers directory
- Sets service image path in registry
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence