62b4ebfc1a0a0dd93126a50a03e9695ede527bbd3545f7e678ff47c9d2b0c4d5 | Triage

Sharing

General

Target

b826c8087e9258b24dfd5e684b885cd5_JaffaCakes118
Size

327KB
Sample

240822-stmntsthke
MD5

b826c8087e9258b24dfd5e684b885cd5
SHA1

e81463d8ae85189d020553ec6046239fec892574
SHA256

62b4ebfc1a0a0dd93126a50a03e9695ede527bbd3545f7e678ff47c9d2b0c4d5
SHA512

e60041e21b7b83eb05047988a7df164ef01efc105c8be6c8b1f51990f39069f11576ae909eec8bd864fb7d499130eeb9afe90f1b11c7ec72fa7ee5c393da39fa
SSDEEP

6144:/7v222xuex19Td9JQgqvXOv/qu+vgWN6+ATFE:/r2VX6QEtND

Score

8^/10

discovery evasion persistence

Malware Config

Targets

- Target
  
  b826c8087e9258b24dfd5e684b885cd5_JaffaCakes118
- Size
  
  327KB
- MD5
  
  b826c8087e9258b24dfd5e684b885cd5
- SHA1
  
  e81463d8ae85189d020553ec6046239fec892574
- SHA256
  
  62b4ebfc1a0a0dd93126a50a03e9695ede527bbd3545f7e678ff47c9d2b0c4d5
- SHA512
  
  e60041e21b7b83eb05047988a7df164ef01efc105c8be6c8b1f51990f39069f11576ae909eec8bd864fb7d499130eeb9afe90f1b11c7ec72fa7ee5c393da39fa
- SSDEEP
  
  6144:/7v222xuex19Td9JQgqvXOv/qu+vgWN6+ATFE:/r2VX6QEtND
Score

8^/10

discovery evasion persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2