0585b8466e1c48971a16feb39d1a63b8b00b72c40aded652d8bf6e86cd8b96cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6b40f7312d2ca861369143dfeeaac86_JaffaCakes118
Size

1015KB
Sample

240925-x48q9stbjk
MD5

f6b40f7312d2ca861369143dfeeaac86
SHA1

ccb1b0b784fc2ca2f058f66c25cf0aa9aea26270
SHA256

0585b8466e1c48971a16feb39d1a63b8b00b72c40aded652d8bf6e86cd8b96cb
SHA512

ac4826f7f599c3dea0482aebd6643c99d1b2029066f58c3dc2f4779949d71a925171f0894a989f91175d4cf2e5ac242dbc749e65c4402f7bc340518913d6ac4e
SSDEEP

12288:2aJh1UO78n6n4yk8Ht8UEhnkOd4WYJrNIIxMC+QN9JzLI8zG0I/nxID:FDk6n4yk8V4kZWYVyZANI8zG0q2D

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  f6b40f7312d2ca861369143dfeeaac86_JaffaCakes118
- Size
  
  1015KB
- MD5
  
  f6b40f7312d2ca861369143dfeeaac86
- SHA1
  
  ccb1b0b784fc2ca2f058f66c25cf0aa9aea26270
- SHA256
  
  0585b8466e1c48971a16feb39d1a63b8b00b72c40aded652d8bf6e86cd8b96cb
- SHA512
  
  ac4826f7f599c3dea0482aebd6643c99d1b2029066f58c3dc2f4779949d71a925171f0894a989f91175d4cf2e5ac242dbc749e65c4402f7bc340518913d6ac4e
- SSDEEP
  
  12288:2aJh1UO78n6n4yk8Ht8UEhnkOd4WYJrNIIxMC+QN9JzLI8zG0I/nxID:FDk6n4yk8V4kZWYVyZANI8zG0q2D
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence