5988d83e31e2a6c18c7e6a1be4a454a41cdc3e38d4a7ee6bbc05fccd01ab5d22 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c12ef00d56f1378f61a93c4159c92a3f_JaffaCakes118
Size

757KB
Sample

240825-vjeatavara
MD5

c12ef00d56f1378f61a93c4159c92a3f
SHA1

74b90e21fb9ad545131dceca5105996afbca3f6b
SHA256

5988d83e31e2a6c18c7e6a1be4a454a41cdc3e38d4a7ee6bbc05fccd01ab5d22
SHA512

eeb1e886a095171bc153a9aaa8b98cec885910c1ca00f3450edefc554122f89ff0e274b455197d94fb482d1a68ee1809d0b7e2421fe5e443810df757681e1ef8
SSDEEP

12288:4feDaBT6DgDWgEVvP+FiivAo6QqvpyiS+NuZondvvTCqhRgl6TS:DDaBT6D+WhMFFYo6QqMiS+cWvTNRgl6T

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  c12ef00d56f1378f61a93c4159c92a3f_JaffaCakes118
- Size
  
  757KB
- MD5
  
  c12ef00d56f1378f61a93c4159c92a3f
- SHA1
  
  74b90e21fb9ad545131dceca5105996afbca3f6b
- SHA256
  
  5988d83e31e2a6c18c7e6a1be4a454a41cdc3e38d4a7ee6bbc05fccd01ab5d22
- SHA512
  
  eeb1e886a095171bc153a9aaa8b98cec885910c1ca00f3450edefc554122f89ff0e274b455197d94fb482d1a68ee1809d0b7e2421fe5e443810df757681e1ef8
- SSDEEP
  
  12288:4feDaBT6DgDWgEVvP+FiivAo6QqvpyiS+NuZondvvTCqhRgl6TS:DDaBT6D+WhMFFYo6QqMiS+cWvTNRgl6T
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2