0b8682382e570fb4ec5dcd1d432739a96f5a5d1429d117cbd06ae3510af1404f | Triage

Sharing

General

Target

fce75c2cc9b6e72ac7fa9c95f25cdfd8_JaffaCakes118
Size

16KB
Sample

240928-w8jghazfpq
MD5

fce75c2cc9b6e72ac7fa9c95f25cdfd8
SHA1

5b5e7ed09fb98f905a86139e6d974c9e8b848750
SHA256

0b8682382e570fb4ec5dcd1d432739a96f5a5d1429d117cbd06ae3510af1404f
SHA512

b408484b33cce42a6cbed0584ffeb2f0fffcff855ec8feb618e365acb0d78fc5750002b932be7778afcbec6965b35a28c8e54244f421368c8db38f3cf3358be1
SSDEEP

384:m4W/WSi7oGOuGuIFiT8fn/luWjNR8ZkDNJz4r3YYAjMqPTEmN:b0juj8fn/lrNR8+DNV4r3YY1h0

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  fce75c2cc9b6e72ac7fa9c95f25cdfd8_JaffaCakes118
- Size
  
  16KB
- MD5
  
  fce75c2cc9b6e72ac7fa9c95f25cdfd8
- SHA1
  
  5b5e7ed09fb98f905a86139e6d974c9e8b848750
- SHA256
  
  0b8682382e570fb4ec5dcd1d432739a96f5a5d1429d117cbd06ae3510af1404f
- SHA512
  
  b408484b33cce42a6cbed0584ffeb2f0fffcff855ec8feb618e365acb0d78fc5750002b932be7778afcbec6965b35a28c8e54244f421368c8db38f3cf3358be1
- SSDEEP
  
  384:m4W/WSi7oGOuGuIFiT8fn/luWjNR8ZkDNJz4r3YYAjMqPTEmN:b0juj8fn/lrNR8+DNV4r3YY1h0
Score

8^/10

discovery persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence