68d70d749a7f781fa0ea6e41f71eb34e21111bdf674182b74d79bbb17b4c785a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd944c4255de42d17942fec624bc4674_JaffaCakes118
Size

56KB
Sample

240929-cekb6aycla
MD5

fd944c4255de42d17942fec624bc4674
SHA1

e333ccf39c83dfa4d30b1639358532a6e5ee3ea4
SHA256

68d70d749a7f781fa0ea6e41f71eb34e21111bdf674182b74d79bbb17b4c785a
SHA512

bed1d36962ddc58e5eb916296b419ba54ef01a7f709a8d6e0ee988b0f4c1cb08fd3253c82d00ebac6fab9d9682c8bb524c40936890ee4fa01d48ea0d6e08d0ea
SSDEEP

768:498dt9IfgSyiBoFRJ5L5BPhHvhhiVoi3Nm2M9f+BSUImDpJ92WyF6EJGpNoyGE:40cyqwJ5PlhHF26UvpL2Wx0GNoy

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  fd944c4255de42d17942fec624bc4674_JaffaCakes118
- Size
  
  56KB
- MD5
  
  fd944c4255de42d17942fec624bc4674
- SHA1
  
  e333ccf39c83dfa4d30b1639358532a6e5ee3ea4
- SHA256
  
  68d70d749a7f781fa0ea6e41f71eb34e21111bdf674182b74d79bbb17b4c785a
- SHA512
  
  bed1d36962ddc58e5eb916296b419ba54ef01a7f709a8d6e0ee988b0f4c1cb08fd3253c82d00ebac6fab9d9682c8bb524c40936890ee4fa01d48ea0d6e08d0ea
- SSDEEP
  
  768:498dt9IfgSyiBoFRJ5L5BPhHvhhiVoi3Nm2M9f+BSUImDpJ92WyF6EJGpNoyGE:40cyqwJ5PlhHF26UvpL2Wx0GNoy
Score

8^/10

discovery persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence