4f39939e1d2a4507a2e611006e5dc9fc40e2ca0137a3cb576444415a888ba5cf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0207e631241b57aebc2b30079cb2075_JaffaCakes118
Size

3.5MB
Sample

240825-g1rqks1bjn
MD5

c0207e631241b57aebc2b30079cb2075
SHA1

df9d23cccc94505586afe43a845ab4d378281875
SHA256

4f39939e1d2a4507a2e611006e5dc9fc40e2ca0137a3cb576444415a888ba5cf
SHA512

729b99340c4d8608218a4ce3386a2bd130e6b09a21f4f28856698c46a6c1e8eb44dd51531ae193deaff4ef3af071ab5ce7baff2cdeaaba1a4399d0bdfefaa341
SSDEEP

98304:xF64moUvR2AowFtQRM/Q+WOIQO/83+GrU:+joMnFtqhAO/83P

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  c0207e631241b57aebc2b30079cb2075_JaffaCakes118
- Size
  
  3.5MB
- MD5
  
  c0207e631241b57aebc2b30079cb2075
- SHA1
  
  df9d23cccc94505586afe43a845ab4d378281875
- SHA256
  
  4f39939e1d2a4507a2e611006e5dc9fc40e2ca0137a3cb576444415a888ba5cf
- SHA512
  
  729b99340c4d8608218a4ce3386a2bd130e6b09a21f4f28856698c46a6c1e8eb44dd51531ae193deaff4ef3af071ab5ce7baff2cdeaaba1a4399d0bdfefaa341
- SSDEEP
  
  98304:xF64moUvR2AowFtQRM/Q+WOIQO/83+GrU:+joMnFtqhAO/83P
Score

7^/10

discovery persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence