b80d4815afe4d46ea40c8b41f8044fe5ca3320a666c13486ac1c291881df6450 | Triage

Sharing

General

Target

c23d15495092fbc48ab9365b7a054475_JaffaCakes118
Size

61KB
Sample

240826-ekfx2avfqk
MD5

c23d15495092fbc48ab9365b7a054475
SHA1

6e1b6ef7cfc81a36df54ba5e1afddb38d84bc374
SHA256

b80d4815afe4d46ea40c8b41f8044fe5ca3320a666c13486ac1c291881df6450
SHA512

c3889f92b3890106fa6e5219f74af8145b9f8a00dcbdf1058c96ee59bbeffca6517469c58f41c5c601caabc0385cb343e89128505d7a99968051aabe8e0c7be3
SSDEEP

1536:FNxU+W+73uSpoo3e/8+dcr2yS7yt0xzSUlDb:NU+W+qNo3e9Sy/K8Jh

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  c23d15495092fbc48ab9365b7a054475_JaffaCakes118
- Size
  
  61KB
- MD5
  
  c23d15495092fbc48ab9365b7a054475
- SHA1
  
  6e1b6ef7cfc81a36df54ba5e1afddb38d84bc374
- SHA256
  
  b80d4815afe4d46ea40c8b41f8044fe5ca3320a666c13486ac1c291881df6450
- SHA512
  
  c3889f92b3890106fa6e5219f74af8145b9f8a00dcbdf1058c96ee59bbeffca6517469c58f41c5c601caabc0385cb343e89128505d7a99968051aabe8e0c7be3
- SSDEEP
  
  1536:FNxU+W+73uSpoo3e/8+dcr2yS7yt0xzSUlDb:NU+W+qNo3e9Sy/K8Jh
Score

8^/10

discovery persistence
- Event Triggered Execution: Image File Execution Options Injection
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Image File Execution Options Injection

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Image File Execution Options Injection

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence