75d96a85a6f9b3654fc8d8b4a49a5393d6980f77d2431f9a31e73da570d5fbed | Triage

Sharing

General

Target

d1f29b64e7f063a86cf57d46fa3099f7_JaffaCakes118
Size

32KB
Sample

240907-ps4deawane
MD5

d1f29b64e7f063a86cf57d46fa3099f7
SHA1

f7e22865ef535d75f12834a2e4af5eb2d89bd317
SHA256

75d96a85a6f9b3654fc8d8b4a49a5393d6980f77d2431f9a31e73da570d5fbed
SHA512

86692987d1d2580707b7b7cd210f88c3f4389ace03fa7475b612952f899a489eb30a557f35b62a470b04b6f6dd80fdec360c4d0ed17e3bb48a178fa2ad9d7238
SSDEEP

768:Um28YtLlknuI06voJsyFy4SeqFHbV97uu++iliMVzXDInfHci+CNJm:Um28mLmne5J3FXp83h++GpV3GfHV+/

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  d1f29b64e7f063a86cf57d46fa3099f7_JaffaCakes118
- Size
  
  32KB
- MD5
  
  d1f29b64e7f063a86cf57d46fa3099f7
- SHA1
  
  f7e22865ef535d75f12834a2e4af5eb2d89bd317
- SHA256
  
  75d96a85a6f9b3654fc8d8b4a49a5393d6980f77d2431f9a31e73da570d5fbed
- SHA512
  
  86692987d1d2580707b7b7cd210f88c3f4389ace03fa7475b612952f899a489eb30a557f35b62a470b04b6f6dd80fdec360c4d0ed17e3bb48a178fa2ad9d7238
- SSDEEP
  
  768:Um28YtLlknuI06voJsyFy4SeqFHbV97uu++iliMVzXDInfHci+CNJm:Um28mLmne5J3FXp83h++GpV3GfHV+/
Score

8^/10

discovery persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence