c9f4849f8b70986d0f03fce0441f14a8d54e27d666badfb5a6cab5efb195a4dc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d9bd806953086c0d428873de7019a868_JaffaCakes118
Size

177KB
Sample

240911-gntdmswbjk
MD5

d9bd806953086c0d428873de7019a868
SHA1

e23aeaf11af47377609acd0128b2466490957829
SHA256

c9f4849f8b70986d0f03fce0441f14a8d54e27d666badfb5a6cab5efb195a4dc
SHA512

e08cc78b652ae155a53c6f3c14fb06cccb7bbcea1e75ec406be67bce2a0cb6239b5ed85175b51bec2d6aad6493aacd17e608382783505efa914b70ad4988ade7
SSDEEP

3072:Pvij3Ri/nciZaAOwECVWienO2LRtMo/fPi/Mvf9ybZH6GG59e0LFRsRAnBvHqrOJ:XcIG97V4taGfVR0tHFrYJbNEVM05

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  d9bd806953086c0d428873de7019a868_JaffaCakes118
- Size
  
  177KB
- MD5
  
  d9bd806953086c0d428873de7019a868
- SHA1
  
  e23aeaf11af47377609acd0128b2466490957829
- SHA256
  
  c9f4849f8b70986d0f03fce0441f14a8d54e27d666badfb5a6cab5efb195a4dc
- SHA512
  
  e08cc78b652ae155a53c6f3c14fb06cccb7bbcea1e75ec406be67bce2a0cb6239b5ed85175b51bec2d6aad6493aacd17e608382783505efa914b70ad4988ade7
- SSDEEP
  
  3072:Pvij3Ri/nciZaAOwECVWienO2LRtMo/fPi/Mvf9ybZH6GG59e0LFRsRAnBvHqrOJ:XcIG97V4taGfVR0tHFrYJbNEVM05
Score

7^/10

discovery persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2