902ebe2809c3072893d3c5fbee3182513cbc097d9d7f61d57cc523c37c1e6c85 | Triage

Sharing

General

Target

eaa035eb360c59d3aac3f7e50e8ea874_JaffaCakes118
Size

2.9MB
Sample

240919-fkrj7ssckq
MD5

eaa035eb360c59d3aac3f7e50e8ea874
SHA1

80f8581c71d3e6596e48146258f4e0efb802f51a
SHA256

902ebe2809c3072893d3c5fbee3182513cbc097d9d7f61d57cc523c37c1e6c85
SHA512

28ef352155b212dac0fbbc3231442c227f2f12007b0776d261df3481988ee3299d10dcd055e9449aea72c07d66030ec9c0aa0db27e99491e3c71faddac73b2a7
SSDEEP

49152:UsBt24M2t/SPEgodW7lGNj1GdTunsILiYhdi8TUctRsIyXaF+iju9L1m8Axj:Fr9ht/M1cN5GluNVTUMoqPu9cr

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  eaa035eb360c59d3aac3f7e50e8ea874_JaffaCakes118
- Size
  
  2.9MB
- MD5
  
  eaa035eb360c59d3aac3f7e50e8ea874
- SHA1
  
  80f8581c71d3e6596e48146258f4e0efb802f51a
- SHA256
  
  902ebe2809c3072893d3c5fbee3182513cbc097d9d7f61d57cc523c37c1e6c85
- SHA512
  
  28ef352155b212dac0fbbc3231442c227f2f12007b0776d261df3481988ee3299d10dcd055e9449aea72c07d66030ec9c0aa0db27e99491e3c71faddac73b2a7
- SSDEEP
  
  49152:UsBt24M2t/SPEgodW7lGNj1GdTunsILiYhdi8TUctRsIyXaF+iju9L1m8Axj:Fr9ht/M1cN5GluNVTUMoqPu9cr
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence