331f5113a660feed0c10547ccd690366463aa40336721d773de23b73ac435eb5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c220bda89cf85723034ea7e76950d44f_JaffaCakes118
Size

14KB
Sample

240826-c9f8zszhld
MD5

c220bda89cf85723034ea7e76950d44f
SHA1

f79799cef3b24bab464e1beb03a7420e350cf4ec
SHA256

331f5113a660feed0c10547ccd690366463aa40336721d773de23b73ac435eb5
SHA512

7370943608cd47dd63b3306f2e83d92dc72e9bdb8c760bceb8f187db068bd5eb76f26c03ad1aec48c76f9411d235891749d24495c14f3fb1ec27d2fca4617c65
SSDEEP

384:mNW/W5FGOu7H8/D9X9wj6gHxPO/uS8i9Puej0ra:oWHqD9V2xPK89ej0ra

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  c220bda89cf85723034ea7e76950d44f_JaffaCakes118
- Size
  
  14KB
- MD5
  
  c220bda89cf85723034ea7e76950d44f
- SHA1
  
  f79799cef3b24bab464e1beb03a7420e350cf4ec
- SHA256
  
  331f5113a660feed0c10547ccd690366463aa40336721d773de23b73ac435eb5
- SHA512
  
  7370943608cd47dd63b3306f2e83d92dc72e9bdb8c760bceb8f187db068bd5eb76f26c03ad1aec48c76f9411d235891749d24495c14f3fb1ec27d2fca4617c65
- SSDEEP
  
  384:mNW/W5FGOu7H8/D9X9wj6gHxPO/uS8i9Puej0ra:oWHqD9V2xPK89ej0ra
Score

8^/10

discovery persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence