0d6064d543e8d04fa4faac36298bb63a5a789caecbedcd14a3192c4de708ef08 | Triage

Sharing

General

Target

bf63f5435e44f239b1cf66516ab37fe9_JaffaCakes118
Size

1.8MB
Sample

240824-zqjlbs1apm
MD5

bf63f5435e44f239b1cf66516ab37fe9
SHA1

71c44119470ad3bd4235946e800bc93f1caf5bef
SHA256

0d6064d543e8d04fa4faac36298bb63a5a789caecbedcd14a3192c4de708ef08
SHA512

eaec41e38a5ab50043d62dc1946c97d7679f80564d2a4afe133188d5abb40f6781c181f2ff0879ecf3b8dadcd3a21423b68d75d83d0a14d1964bca198f5cef6f
SSDEEP

49152:JVbBwJfa2dapz0Yumk5ZTPbUAm4uhimqs0PP:jB7z0YudmthimmP

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  bf63f5435e44f239b1cf66516ab37fe9_JaffaCakes118
- Size
  
  1.8MB
- MD5
  
  bf63f5435e44f239b1cf66516ab37fe9
- SHA1
  
  71c44119470ad3bd4235946e800bc93f1caf5bef
- SHA256
  
  0d6064d543e8d04fa4faac36298bb63a5a789caecbedcd14a3192c4de708ef08
- SHA512
  
  eaec41e38a5ab50043d62dc1946c97d7679f80564d2a4afe133188d5abb40f6781c181f2ff0879ecf3b8dadcd3a21423b68d75d83d0a14d1964bca198f5cef6f
- SSDEEP
  
  49152:JVbBwJfa2dapz0Yumk5ZTPbUAm4uhimqs0PP:jB7z0YudmthimmP
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence