83284a68d547a10aeb7a7f22fcd350dfe97c890edb38113aa21b191769820e52 | Triage

Sharing

General

Target

eac13f616457570bb1e9521682d25927_JaffaCakes118
Size

444KB
Sample

240919-g586esvdle
MD5

eac13f616457570bb1e9521682d25927
SHA1

52fb62a6fd5e4fa055f8bf6c9bc059e3023b52bf
SHA256

83284a68d547a10aeb7a7f22fcd350dfe97c890edb38113aa21b191769820e52
SHA512

4e6e9c9d8a5135e0ceb8b0a808d9ed75bf2f7ff37b1435bb6bb2af024afc0e646f618f7a2ce678f4672410d5072aaed9ee73935378fe8fe59b57e940206556cf
SSDEEP

6144:1SwtUitSs5dqsRkbmmWNujJ/qqbCSxny06wMh6j6btD:15NSYdq2m8uJq7UmNk6hD

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  eac13f616457570bb1e9521682d25927_JaffaCakes118
- Size
  
  444KB
- MD5
  
  eac13f616457570bb1e9521682d25927
- SHA1
  
  52fb62a6fd5e4fa055f8bf6c9bc059e3023b52bf
- SHA256
  
  83284a68d547a10aeb7a7f22fcd350dfe97c890edb38113aa21b191769820e52
- SHA512
  
  4e6e9c9d8a5135e0ceb8b0a808d9ed75bf2f7ff37b1435bb6bb2af024afc0e646f618f7a2ce678f4672410d5072aaed9ee73935378fe8fe59b57e940206556cf
- SSDEEP
  
  6144:1SwtUitSs5dqsRkbmmWNujJ/qqbCSxny06wMh6j6btD:15NSYdq2m8uJq7UmNk6hD
Score

8^/10

discovery persistence
- Sets service image path in registry
  persistence
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence