f9c4211462aaad9ae8bb81c9a0e3fe4651b0a564f46f9d6992867869c6473bb8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c857761fd4e33cfe8ab9b33055ec1d15_JaffaCakes118
Size

2.1MB
Sample

240829-gvsqpaygrj
MD5

c857761fd4e33cfe8ab9b33055ec1d15
SHA1

f7df1e9b4a9c23861bc65194af7a80170c177a65
SHA256

f9c4211462aaad9ae8bb81c9a0e3fe4651b0a564f46f9d6992867869c6473bb8
SHA512

fa53e6892754ee3ec434939bb7da64e6d2ca2b6bc3aed8cae356e1fa3bcad12a9842d6dab6a2148c4f0c776dc795af68dd902b37b211f7df35f97a5411169719
SSDEEP

49152:0frqx1trn6CHADcsaaYIIugQ5OUUJC6p5vRCdmP9u:0zI/6CHfsvYFQIUICMFRCdq9

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  c857761fd4e33cfe8ab9b33055ec1d15_JaffaCakes118
- Size
  
  2.1MB
- MD5
  
  c857761fd4e33cfe8ab9b33055ec1d15
- SHA1
  
  f7df1e9b4a9c23861bc65194af7a80170c177a65
- SHA256
  
  f9c4211462aaad9ae8bb81c9a0e3fe4651b0a564f46f9d6992867869c6473bb8
- SHA512
  
  fa53e6892754ee3ec434939bb7da64e6d2ca2b6bc3aed8cae356e1fa3bcad12a9842d6dab6a2148c4f0c776dc795af68dd902b37b211f7df35f97a5411169719
- SSDEEP
  
  49152:0frqx1trn6CHADcsaaYIIugQ5OUUJC6p5vRCdmP9u:0zI/6CHfsvYFQIUICMFRCdq9
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2