53e9ca32e46bbdf13b5b0803d1bb7dbb5e1f3faf214db7eea971b27e8fc084ef | Triage

Sharing

General

Target

f539ce15ea1c51a7b15b72ca8be0a529_JaffaCakes118
Size

64KB
Sample

240925-fgzreaygqc
MD5

f539ce15ea1c51a7b15b72ca8be0a529
SHA1

55060a9648fa37c676ac058cc80289ce9734abae
SHA256

53e9ca32e46bbdf13b5b0803d1bb7dbb5e1f3faf214db7eea971b27e8fc084ef
SHA512

142f491818c5d30dc2e2de3723e4602e957284efd05a5d693cf3ff4af9b608d715ed7db448f62bd4dc40c86cf5ba71d550439b6f8e73c20fdd34814e43d0b8e0
SSDEEP

1536:iUHMnHOgqDPv3e36kLYDJw46cYYj2zg6LmJY+HVchMoZKOFk/Rm:9ob0v26kYJw8Kzg6KC+HGh5ZpW/Rm

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  f539ce15ea1c51a7b15b72ca8be0a529_JaffaCakes118
- Size
  
  64KB
- MD5
  
  f539ce15ea1c51a7b15b72ca8be0a529
- SHA1
  
  55060a9648fa37c676ac058cc80289ce9734abae
- SHA256
  
  53e9ca32e46bbdf13b5b0803d1bb7dbb5e1f3faf214db7eea971b27e8fc084ef
- SHA512
  
  142f491818c5d30dc2e2de3723e4602e957284efd05a5d693cf3ff4af9b608d715ed7db448f62bd4dc40c86cf5ba71d550439b6f8e73c20fdd34814e43d0b8e0
- SSDEEP
  
  1536:iUHMnHOgqDPv3e36kLYDJw46cYYj2zg6LmJY+HVchMoZKOFk/Rm:9ob0v26kYJw8Kzg6KC+HGh5ZpW/Rm
Score

6^/10

persistence discovery
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence