43b4f030c2e92123b4ace63c128b6e92f1a3115b41bd2400dac2b28c73f3f641 | Triage

Sharing

General

Target

baff7de6c1a882b4206ac2fd91658087_JaffaCakes118
Size

15.4MB
Sample

240823-kcye1atekf
MD5

baff7de6c1a882b4206ac2fd91658087
SHA1

3dd7bbad5c51078b046bde6e33248834afdeca1d
SHA256

43b4f030c2e92123b4ace63c128b6e92f1a3115b41bd2400dac2b28c73f3f641
SHA512

0f2082a5d20292d0683ee9e792299aaeb9f0e41dda5a142329ed3a9dd723a6bccc763db329afc2b84e1fd914a2300a1443adee47a0982e7cee39985c7ac49d33
SSDEEP

393216:SYo6Qz5TVmBBEEE++CmZYOo+EEEEEEEBBBBBBmmmmmmPeXGNNNmmmmmmBBBxxxA+:do645QBBEEE++CmZYOo+EEEEEEEBBBBz

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  baff7de6c1a882b4206ac2fd91658087_JaffaCakes118
- Size
  
  15.4MB
- MD5
  
  baff7de6c1a882b4206ac2fd91658087
- SHA1
  
  3dd7bbad5c51078b046bde6e33248834afdeca1d
- SHA256
  
  43b4f030c2e92123b4ace63c128b6e92f1a3115b41bd2400dac2b28c73f3f641
- SHA512
  
  0f2082a5d20292d0683ee9e792299aaeb9f0e41dda5a142329ed3a9dd723a6bccc763db329afc2b84e1fd914a2300a1443adee47a0982e7cee39985c7ac49d33
- SSDEEP
  
  393216:SYo6Qz5TVmBBEEE++CmZYOo+EEEEEEEBBBBBBmmmmmmPeXGNNNmmmmmmBBBxxxA+:do645QBBEEE++CmZYOo+EEEEEEEBBBBz
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence