c497909a28dd8093fc80a941597b1bb390d89b29d84922febf6de3abcdc5e264 | Triage

Sharing

General

Target

dc575cc599d094c424c812dd3deea90d_JaffaCakes118
Size

166KB
Sample

240912-qfzp5awfkp
MD5

dc575cc599d094c424c812dd3deea90d
SHA1

4e7bcf5aa24326e4dc7e373074850d9c22f3f0f8
SHA256

c497909a28dd8093fc80a941597b1bb390d89b29d84922febf6de3abcdc5e264
SHA512

269754fdbcc2422176ce5ce2688c0b64495b41acb64f30e1aca6867a0a1cf0a3549e6f6db3ced418037c677662750317ff89249c8bcda0367cb41cddc421a1f5
SSDEEP

3072:jmVW8iTX/3RfldjjXq1+0cxxsWEL02fXcIp08MoeECoRFZxwsqh:aM7jJlRexYTHYZMZoRFZS1

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  dc575cc599d094c424c812dd3deea90d_JaffaCakes118
- Size
  
  166KB
- MD5
  
  dc575cc599d094c424c812dd3deea90d
- SHA1
  
  4e7bcf5aa24326e4dc7e373074850d9c22f3f0f8
- SHA256
  
  c497909a28dd8093fc80a941597b1bb390d89b29d84922febf6de3abcdc5e264
- SHA512
  
  269754fdbcc2422176ce5ce2688c0b64495b41acb64f30e1aca6867a0a1cf0a3549e6f6db3ced418037c677662750317ff89249c8bcda0367cb41cddc421a1f5
- SSDEEP
  
  3072:jmVW8iTX/3RfldjjXq1+0cxxsWEL02fXcIp08MoeECoRFZxwsqh:aM7jJlRexYTHYZMZoRFZS1
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence