fc1b39ccf9ac591623bb92757fbfb3e2674441f449ffb8c4a8d95297aa9bf786 | Triage

Sharing

General

Target

ea93b62750fba02da95feaa15fb6d6f4_JaffaCakes118
Size

126KB
Sample

240919-ez5vps1dkp
MD5

ea93b62750fba02da95feaa15fb6d6f4
SHA1

3ce2c0239c71e150c1d0ee24327f8126f50d2067
SHA256

fc1b39ccf9ac591623bb92757fbfb3e2674441f449ffb8c4a8d95297aa9bf786
SHA512

0e06b0208185e1c2c6f1566d463d5c3110f06291893e660ffb7bfdd17b9737a23fae2ba328062b267ca137a7cfcf0a0c055a8323cff9d919e2f100a8a47e1c97
SSDEEP

3072:ucaJvW8koHjmX+1+0cxxsWEsJ0ifXcIp08MoeJuotSyhi:ucaJuqVxYT52MZMDS7

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  ea93b62750fba02da95feaa15fb6d6f4_JaffaCakes118
- Size
  
  126KB
- MD5
  
  ea93b62750fba02da95feaa15fb6d6f4
- SHA1
  
  3ce2c0239c71e150c1d0ee24327f8126f50d2067
- SHA256
  
  fc1b39ccf9ac591623bb92757fbfb3e2674441f449ffb8c4a8d95297aa9bf786
- SHA512
  
  0e06b0208185e1c2c6f1566d463d5c3110f06291893e660ffb7bfdd17b9737a23fae2ba328062b267ca137a7cfcf0a0c055a8323cff9d919e2f100a8a47e1c97
- SSDEEP
  
  3072:ucaJvW8koHjmX+1+0cxxsWEsJ0ifXcIp08MoeJuotSyhi:ucaJuqVxYT52MZMDS7
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence