47f7d1b72ca1a9c64830bd1a4cf810d18b5e6c48c90d316e068704b8d11608a8 | Triage

Sharing

General

Target

eaacaf0080c4e7066c6c217dfbd17637_JaffaCakes118
Size

9KB
Sample

240919-f699fashmh
MD5

eaacaf0080c4e7066c6c217dfbd17637
SHA1

4ad0571d363c66cdd3fdc913f382201fbff57239
SHA256

47f7d1b72ca1a9c64830bd1a4cf810d18b5e6c48c90d316e068704b8d11608a8
SHA512

963b8b29ef4be62de2f25f1ec525cc533374425a6b30b118bf236b92a0f42c390c0f4af6ad1fb8f729b4481b138356fd9e565ad888bc4bf8c1dcd4e4a247ed80
SSDEEP

192:rlxC8VkGn5h9a4v5/SwWKaZFltR9Di6OgIwx3m:7C8V7nlasLmvR86OgT3m

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  DOCUMENTS.vbs
- Size
  
  289KB
- MD5
  
  c1e450d8e86d0da8bc1fc40982ca92b1
- SHA1
  
  468d6a2efffeeb5a82a5e5af849fc224c0727d19
- SHA256
  
  0dac931e707dec0ce115af6134371bb1519a6367b426cf6e2959543a4fa8d0b4
- SHA512
  
  6a258ffd1fd967b7a33f965ec7901c0d51ef1fbeda001a662b95f53f0daf487fe508fca938444c0014b0239ad6af95d8ab4f49f6726a22f8c3c63fb417f5a11d
- SSDEEP
  
  768:hEF9sxYs1ROoPLg/vgeJB+QPvIWysmLiI5cmWmfkqvfjWhJwJeTW8WrOsVOOOOO/:hACas1ROoPLg/vgeJB+QPvIWysmLij
Score

8^/10

persistence
- Blocklisted process makes network request
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2