4a7e9a71df13d00579dda1ce2653229f629caf282d284f5fef7602191e32a5d3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd26a131b8c2ccb82bfe7e8279069e7d_JaffaCakes118
Size

28KB
Sample

240823-zwwg3swenf
MD5

bd26a131b8c2ccb82bfe7e8279069e7d
SHA1

c64750a53c71929d786a0e46828fd2de5e8337df
SHA256

4a7e9a71df13d00579dda1ce2653229f629caf282d284f5fef7602191e32a5d3
SHA512

395e884db9a32cadd7df8517858da923dcd057d58a8f13130f64e1ae545ad7c377c40a6914d6c28a955cc4dfddc350d972bb34d7246171c316236db21fe7b29d
SSDEEP

768:yh/rqwViUTg5J1sMpidL02iuPyExtaprcJI3o9NbdAohD4uS9e:S/WwVv8sd9PyC8prGIiIohcZ9e

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  bd26a131b8c2ccb82bfe7e8279069e7d_JaffaCakes118
- Size
  
  28KB
- MD5
  
  bd26a131b8c2ccb82bfe7e8279069e7d
- SHA1
  
  c64750a53c71929d786a0e46828fd2de5e8337df
- SHA256
  
  4a7e9a71df13d00579dda1ce2653229f629caf282d284f5fef7602191e32a5d3
- SHA512
  
  395e884db9a32cadd7df8517858da923dcd057d58a8f13130f64e1ae545ad7c377c40a6914d6c28a955cc4dfddc350d972bb34d7246171c316236db21fe7b29d
- SSDEEP
  
  768:yh/rqwViUTg5J1sMpidL02iuPyExtaprcJI3o9NbdAohD4uS9e:S/WwVv8sd9PyC8prGIiIohcZ9e
Score

8^/10

discovery persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence