7932523f1afadfdfee2b1b688f03aa3745e468f4912036275c0f6dd919e5a378 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c24b1f7c0b26669fbfc128db37fef8f2_JaffaCakes118
Size

167KB
Sample

240826-e8fxyavgma
MD5

c24b1f7c0b26669fbfc128db37fef8f2
SHA1

5c34e3d701414f4c6cf1a90c4e41c0fe374a5005
SHA256

7932523f1afadfdfee2b1b688f03aa3745e468f4912036275c0f6dd919e5a378
SHA512

80744992243b002a3289a2d58d12e1afb8d257aee18221358594be47889075ed588a9adc46d23dc4f7f352a3fc431af6bfd2b46d67535a7cd233088ff13e91a3
SSDEEP

3072:jmVW8iTX/3RfldjjXq1+0cxxsWEL02fXcIp08Moef72fslXeY++oM:aM7jJlRexYTHYZMfwst7

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  c24b1f7c0b26669fbfc128db37fef8f2_JaffaCakes118
- Size
  
  167KB
- MD5
  
  c24b1f7c0b26669fbfc128db37fef8f2
- SHA1
  
  5c34e3d701414f4c6cf1a90c4e41c0fe374a5005
- SHA256
  
  7932523f1afadfdfee2b1b688f03aa3745e468f4912036275c0f6dd919e5a378
- SHA512
  
  80744992243b002a3289a2d58d12e1afb8d257aee18221358594be47889075ed588a9adc46d23dc4f7f352a3fc431af6bfd2b46d67535a7cd233088ff13e91a3
- SSDEEP
  
  3072:jmVW8iTX/3RfldjjXq1+0cxxsWEL02fXcIp08Moef72fslXeY++oM:aM7jJlRexYTHYZMfwst7
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence