a8b17c52f9727aa233a371ed2d86ce8bd8de6cba2849c94badc9f5fddce85ffb | Triage

Sharing

General

Target

da080ed5ec4b2bab4dc4fdbfdd9a8b24_JaffaCakes118
Size

45KB
Sample

240911-k6x2bssell
MD5

da080ed5ec4b2bab4dc4fdbfdd9a8b24
SHA1

a6c7fb1919a44d2fa4f2cb4e2883909f75e4e312
SHA256

a8b17c52f9727aa233a371ed2d86ce8bd8de6cba2849c94badc9f5fddce85ffb
SHA512

9d8d314905a017e8b6e65bb7166b00e3409a4b71754e1a834b6dc1939638d03d8d5cce81cf88e162898ce401a8c5647200d1e6be1d8e213ccc1853afa2088ca9
SSDEEP

768:akMd0OkN0RI9+Afclq/5fkQIjiQqNzTOA/60SfVr4Yy+jaxZxyRlmdCPZ1NWYL:+mtS4+ApedjibTOAi0+VOCaIRlLr

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  da080ed5ec4b2bab4dc4fdbfdd9a8b24_JaffaCakes118
- Size
  
  45KB
- MD5
  
  da080ed5ec4b2bab4dc4fdbfdd9a8b24
- SHA1
  
  a6c7fb1919a44d2fa4f2cb4e2883909f75e4e312
- SHA256
  
  a8b17c52f9727aa233a371ed2d86ce8bd8de6cba2849c94badc9f5fddce85ffb
- SHA512
  
  9d8d314905a017e8b6e65bb7166b00e3409a4b71754e1a834b6dc1939638d03d8d5cce81cf88e162898ce401a8c5647200d1e6be1d8e213ccc1853afa2088ca9
- SSDEEP
  
  768:akMd0OkN0RI9+Afclq/5fkQIjiQqNzTOA/60SfVr4Yy+jaxZxyRlmdCPZ1NWYL:+mtS4+ApedjibTOAi0+VOCaIRlLr
Score

8^/10

discovery persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence