59192eeeaffd71171b6311bc3c3695713203b6b7632614ce918fdf23826c8bc5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c82015517ccfd7c68c4eab4237b72c98_JaffaCakes118
Size

29KB
Sample

240829-dl6dms1blb
MD5

c82015517ccfd7c68c4eab4237b72c98
SHA1

7860b2b489dbb984d2f542dd131d5c8f341c60e1
SHA256

59192eeeaffd71171b6311bc3c3695713203b6b7632614ce918fdf23826c8bc5
SHA512

da4db230e10408fd8bf15325373e70a9c0e9f074464095a4bcbb688528355af12631576f814718e9c3040d4cdbd0e411ee16b9d91ba6ae06ee497547f6b77491
SSDEEP

768:wB/MJyk9OyixjcUdZxOB56uwnfC8bJrT1uOnB0FUCtzgzMm0Z63AOqk3:wBUJ+FZc8uw6auOB0FUCJUUjQ

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  c82015517ccfd7c68c4eab4237b72c98_JaffaCakes118
- Size
  
  29KB
- MD5
  
  c82015517ccfd7c68c4eab4237b72c98
- SHA1
  
  7860b2b489dbb984d2f542dd131d5c8f341c60e1
- SHA256
  
  59192eeeaffd71171b6311bc3c3695713203b6b7632614ce918fdf23826c8bc5
- SHA512
  
  da4db230e10408fd8bf15325373e70a9c0e9f074464095a4bcbb688528355af12631576f814718e9c3040d4cdbd0e411ee16b9d91ba6ae06ee497547f6b77491
- SSDEEP
  
  768:wB/MJyk9OyixjcUdZxOB56uwnfC8bJrT1uOnB0FUCtzgzMm0Z63AOqk3:wBUJ+FZc8uw6auOB0FUCJUUjQ
Score

8^/10

discovery persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence