1da4665d85bb2eeb1d3d56195d2b9f2e63ef4443fa4b67c4868d9d6cda2c2bbf | Triage

Sharing

General

Target

eac812752903ab553fa197d933f1c34a_JaffaCakes118
Size

12KB
Sample

240919-hgw2mawbpr
MD5

eac812752903ab553fa197d933f1c34a
SHA1

b15804bf57560eb4c62dde450288d50728377b3e
SHA256

1da4665d85bb2eeb1d3d56195d2b9f2e63ef4443fa4b67c4868d9d6cda2c2bbf
SHA512

1a8cbb86b673d598086120e5774cca11fcc80c9cec6bb5326463d96f794f661b2ec047171698042c8ba3dd2b3c517b5eae16c71edb648cf490efc39d59705fec
SSDEEP

192:GALab9as5gkoV4RO86ZkXTPJfvx2DYlPkrDNA00dyfmfQJi7fJR/:GyacWIsO8vXZx2klPoNfffmfQ07fJR

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  eac812752903ab553fa197d933f1c34a_JaffaCakes118
- Size
  
  12KB
- MD5
  
  eac812752903ab553fa197d933f1c34a
- SHA1
  
  b15804bf57560eb4c62dde450288d50728377b3e
- SHA256
  
  1da4665d85bb2eeb1d3d56195d2b9f2e63ef4443fa4b67c4868d9d6cda2c2bbf
- SHA512
  
  1a8cbb86b673d598086120e5774cca11fcc80c9cec6bb5326463d96f794f661b2ec047171698042c8ba3dd2b3c517b5eae16c71edb648cf490efc39d59705fec
- SSDEEP
  
  192:GALab9as5gkoV4RO86ZkXTPJfvx2DYlPkrDNA00dyfmfQJi7fJR/:GyacWIsO8vXZx2klPoNfffmfQ07fJR
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence