5c7d992554b97d3ee3f8073f0419187fb4dca69b4e0790b68ef1f17a011b9ea2 | Triage

Sharing

General

Target

eab0782cb76c3dc13b979efc8fae5649_JaffaCakes118
Size

19KB
Sample

240919-gdknratekm
MD5

eab0782cb76c3dc13b979efc8fae5649
SHA1

0d1a36949a00b3049570317bbb255f5a72e4222b
SHA256

5c7d992554b97d3ee3f8073f0419187fb4dca69b4e0790b68ef1f17a011b9ea2
SHA512

96bce4e46827a142cb6e98141fdb33fcb565cc628f03381451edf9be5d0754ae8c71b13d7f6e98493c540bfa13a042a0a2fa0cc430d3f6857c1a11f5bfdb9883
SSDEEP

384:mUW/WgrBGOuC0a9GNnZ2CyJ5wdo/MZMzNLD6F1+fWvO:o23la+M7a185

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  eab0782cb76c3dc13b979efc8fae5649_JaffaCakes118
- Size
  
  19KB
- MD5
  
  eab0782cb76c3dc13b979efc8fae5649
- SHA1
  
  0d1a36949a00b3049570317bbb255f5a72e4222b
- SHA256
  
  5c7d992554b97d3ee3f8073f0419187fb4dca69b4e0790b68ef1f17a011b9ea2
- SHA512
  
  96bce4e46827a142cb6e98141fdb33fcb565cc628f03381451edf9be5d0754ae8c71b13d7f6e98493c540bfa13a042a0a2fa0cc430d3f6857c1a11f5bfdb9883
- SSDEEP
  
  384:mUW/WgrBGOuC0a9GNnZ2CyJ5wdo/MZMzNLD6F1+fWvO:o23la+M7a185
Score

8^/10

discovery persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence