380fa37adcda144ee6c59ec251b976074fd8b7c48380df72ffa8769ea13f600f | Triage

Sharing

General

Target

ef5f42659bfa48d7896fe04434a2c7ca_JaffaCakes118
Size

192KB
Sample

240921-jxan1asdjr
MD5

ef5f42659bfa48d7896fe04434a2c7ca
SHA1

55515f10c8205c7a88ea972653328a9841e6704d
SHA256

380fa37adcda144ee6c59ec251b976074fd8b7c48380df72ffa8769ea13f600f
SHA512

c68408431521a930c24c4123328b8e0c6f9d19da7474ffeaa3a36f66ec90b4d1b1feb814035acd2455e3fff09f8fbcc028665c2ed79735fb19a929be780c3d34
SSDEEP

3072:YpbtC5W7S8BFsPolqmDOn542beDNLbD8BpPq32:T5W7S8BGWqkxl4D

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  ef5f42659bfa48d7896fe04434a2c7ca_JaffaCakes118
- Size
  
  192KB
- MD5
  
  ef5f42659bfa48d7896fe04434a2c7ca
- SHA1
  
  55515f10c8205c7a88ea972653328a9841e6704d
- SHA256
  
  380fa37adcda144ee6c59ec251b976074fd8b7c48380df72ffa8769ea13f600f
- SHA512
  
  c68408431521a930c24c4123328b8e0c6f9d19da7474ffeaa3a36f66ec90b4d1b1feb814035acd2455e3fff09f8fbcc028665c2ed79735fb19a929be780c3d34
- SSDEEP
  
  3072:YpbtC5W7S8BFsPolqmDOn542beDNLbD8BpPq32:T5W7S8BGWqkxl4D
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2