bf27fcff16226e3f8c65c9290dcba981c1eba5fd8d1a50372767525019452811 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9ee510204b05ac59f289837cc9c3097_JaffaCakes118
Size

176KB
Sample

240927-hllrfstalf
MD5

f9ee510204b05ac59f289837cc9c3097
SHA1

b8dc02974ebbab6c2cb3b074ed2fab25fdfe0341
SHA256

bf27fcff16226e3f8c65c9290dcba981c1eba5fd8d1a50372767525019452811
SHA512

c7d356ec3dc1006af7fe5aec065d1c22d4030e42e111100519d144bc66e5ceee136b73d5544ba7ad5739f263c899cf5eefb3dd97b115910e1287b74443fb5cfa
SSDEEP

3072:r0BGtrAEhtI4Kel4TXTZltRQb4UfNQh4MrR1O3ASREsW26t/rf:I6IhelDb4U+h5DMIrf

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  f9ee510204b05ac59f289837cc9c3097_JaffaCakes118
- Size
  
  176KB
- MD5
  
  f9ee510204b05ac59f289837cc9c3097
- SHA1
  
  b8dc02974ebbab6c2cb3b074ed2fab25fdfe0341
- SHA256
  
  bf27fcff16226e3f8c65c9290dcba981c1eba5fd8d1a50372767525019452811
- SHA512
  
  c7d356ec3dc1006af7fe5aec065d1c22d4030e42e111100519d144bc66e5ceee136b73d5544ba7ad5739f263c899cf5eefb3dd97b115910e1287b74443fb5cfa
- SSDEEP
  
  3072:r0BGtrAEhtI4Kel4TXTZltRQb4UfNQh4MrR1O3ASREsW26t/rf:I6IhelDb4U+h5DMIrf
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence