c0c9c480ac340a555f3188b2a2d61bb45296454a371ba7412d1aaa356f687764 | Triage

Sharing

General

Target

dc9c1aa160fd20dd74754546d8d0fa76_JaffaCakes118
Size

27KB
Sample

240912-tx31natdpk
MD5

dc9c1aa160fd20dd74754546d8d0fa76
SHA1

629d5a1a6ca1795638c4b98a38c87b2eb43cc0e8
SHA256

c0c9c480ac340a555f3188b2a2d61bb45296454a371ba7412d1aaa356f687764
SHA512

482dfd10703908e6194ad627d058a0a9569665a1248d14be3157269c771dff83c387e1837b47d636cd0afeb539de758e70a38a27b6086cb45b3f477c1f265c51
SSDEEP

768:ZTzbBXcgvbRL2hbanF0PVnD1CkRihm21EPAl7+:Z/pvbpxn6VnZji3EPAlS

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  dc9c1aa160fd20dd74754546d8d0fa76_JaffaCakes118
- Size
  
  27KB
- MD5
  
  dc9c1aa160fd20dd74754546d8d0fa76
- SHA1
  
  629d5a1a6ca1795638c4b98a38c87b2eb43cc0e8
- SHA256
  
  c0c9c480ac340a555f3188b2a2d61bb45296454a371ba7412d1aaa356f687764
- SHA512
  
  482dfd10703908e6194ad627d058a0a9569665a1248d14be3157269c771dff83c387e1837b47d636cd0afeb539de758e70a38a27b6086cb45b3f477c1f265c51
- SSDEEP
  
  768:ZTzbBXcgvbRL2hbanF0PVnD1CkRihm21EPAl7+:Z/pvbpxn6VnZji3EPAlS
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence