bbea4015896c89488258ecc8e4cf888af32a7e93b1d6ae4bbdf597082ff2c85d | Triage

Sharing

General

Target

daea607efb0ca3f7a7adde64cef448d1_JaffaCakes118
Size

39KB
Sample

240911-wh6jcathkk
MD5

daea607efb0ca3f7a7adde64cef448d1
SHA1

e3c0cc79dbafdc40690e245bc729503f37d676e2
SHA256

bbea4015896c89488258ecc8e4cf888af32a7e93b1d6ae4bbdf597082ff2c85d
SHA512

ba2f4d056ad5c4b3703324528500fab4fe3c5ceb2c821432c4ac43d2ba80a40be12bc54dd47f886665d61713fafb3ccf08d8d1684e9389b5b8e57d47d627ed44
SSDEEP

768:kR28lrm/RDisiAMPuY9J4/OLVFSTKUJ3yh2ZPF2g3t3:kr2RmxYOLVFBVhKFL3

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  daea607efb0ca3f7a7adde64cef448d1_JaffaCakes118
- Size
  
  39KB
- MD5
  
  daea607efb0ca3f7a7adde64cef448d1
- SHA1
  
  e3c0cc79dbafdc40690e245bc729503f37d676e2
- SHA256
  
  bbea4015896c89488258ecc8e4cf888af32a7e93b1d6ae4bbdf597082ff2c85d
- SHA512
  
  ba2f4d056ad5c4b3703324528500fab4fe3c5ceb2c821432c4ac43d2ba80a40be12bc54dd47f886665d61713fafb3ccf08d8d1684e9389b5b8e57d47d627ed44
- SSDEEP
  
  768:kR28lrm/RDisiAMPuY9J4/OLVFSTKUJ3yh2ZPF2g3t3:kr2RmxYOLVFBVhKFL3
Score

8^/10

discovery persistence
- Event Triggered Execution: Image File Execution Options Injection
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Image File Execution Options Injection

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Image File Execution Options Injection

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence