a8fb4651e71a3e720f8f801f3f411a8813da315f701bd9927346048c7b0203ad | Triage

Sharing

General

Target

d271c09e09f8c9081482a0467a8aa243_JaffaCakes118
Size

149KB
Sample

240907-vs16yaxbqh
MD5

d271c09e09f8c9081482a0467a8aa243
SHA1

83d28e024a4a1833bf64caaacad4807847e831d2
SHA256

a8fb4651e71a3e720f8f801f3f411a8813da315f701bd9927346048c7b0203ad
SHA512

148277403f35433062bd47a19f40eebd8cf7a559426d2d37422dc0877225c195872219b1094f833bb3c38ecd066e81f7c8125a93045e50614dbb513c2648eeab
SSDEEP

3072:jmVW8iTX/3RfldjjXq1+0cxxsWEL02fXcIp08Moehs8teq5SIj:aM7jJlRexYTHYZM6VY

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  d271c09e09f8c9081482a0467a8aa243_JaffaCakes118
- Size
  
  149KB
- MD5
  
  d271c09e09f8c9081482a0467a8aa243
- SHA1
  
  83d28e024a4a1833bf64caaacad4807847e831d2
- SHA256
  
  a8fb4651e71a3e720f8f801f3f411a8813da315f701bd9927346048c7b0203ad
- SHA512
  
  148277403f35433062bd47a19f40eebd8cf7a559426d2d37422dc0877225c195872219b1094f833bb3c38ecd066e81f7c8125a93045e50614dbb513c2648eeab
- SSDEEP
  
  3072:jmVW8iTX/3RfldjjXq1+0cxxsWEL02fXcIp08Moehs8teq5SIj:aM7jJlRexYTHYZM6VY
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence