4cdb25bd36465aefe2ef058bfe06c4c30d8e4e8af24557051ade7583f8e7fa2e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efa2efb60981ecef4d70f530408d3410_JaffaCakes118
Size

439KB
Sample

240921-mywjmsybrd
MD5

efa2efb60981ecef4d70f530408d3410
SHA1

c2c7974890c0bab31948374a601bc7db972f4ec6
SHA256

4cdb25bd36465aefe2ef058bfe06c4c30d8e4e8af24557051ade7583f8e7fa2e
SHA512

d4d4e068c0b865850f859a50f7520c1a8ac1a87e524b9835a87057e399e33b38d86f246d74ac56671436f9a1627e07d73df29ce05936110d06c0580d726b166b
SSDEEP

12288:c7LL5AqhXbgIXl3MhKHDyyWTh1kXugekyf4CrO:cTCqZfDg12+3O

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  efa2efb60981ecef4d70f530408d3410_JaffaCakes118
- Size
  
  439KB
- MD5
  
  efa2efb60981ecef4d70f530408d3410
- SHA1
  
  c2c7974890c0bab31948374a601bc7db972f4ec6
- SHA256
  
  4cdb25bd36465aefe2ef058bfe06c4c30d8e4e8af24557051ade7583f8e7fa2e
- SHA512
  
  d4d4e068c0b865850f859a50f7520c1a8ac1a87e524b9835a87057e399e33b38d86f246d74ac56671436f9a1627e07d73df29ce05936110d06c0580d726b166b
- SSDEEP
  
  12288:c7LL5AqhXbgIXl3MhKHDyyWTh1kXugekyf4CrO:cTCqZfDg12+3O
Score

8^/10

discovery persistence
- Drops file in Drivers directory
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence