e662bd875513f52cbba9a23b81ea59899f4e546817e27e9208cb418fe387ed58 | Triage

Sharing

General

Target

fe2a22fc21ede46fde6321a27fd01304_JaffaCakes118
Size

32KB
Sample

240929-kne3sswgmj
MD5

fe2a22fc21ede46fde6321a27fd01304
SHA1

9e9d3ac853c789c07494c3ab258e60e8e38024f9
SHA256

e662bd875513f52cbba9a23b81ea59899f4e546817e27e9208cb418fe387ed58
SHA512

6173bc0cda3cf8bbe708c058a99121048fc3e41e44b259577858129bc023d6e3294f81a98f7886a2bcab394b5b48994af2d8b2ab77a06d105927646e3035c245
SSDEEP

384:d9ck0HH+Kmnao1ZKlPqsHT6wmWZXnzVGDryNvW:d9NWHFm9YPq4qWZXnzVsWZ

Score

8^/10

discovery evasion persistence

Malware Config

Targets

- Target
  
  fe2a22fc21ede46fde6321a27fd01304_JaffaCakes118
- Size
  
  32KB
- MD5
  
  fe2a22fc21ede46fde6321a27fd01304
- SHA1
  
  9e9d3ac853c789c07494c3ab258e60e8e38024f9
- SHA256
  
  e662bd875513f52cbba9a23b81ea59899f4e546817e27e9208cb418fe387ed58
- SHA512
  
  6173bc0cda3cf8bbe708c058a99121048fc3e41e44b259577858129bc023d6e3294f81a98f7886a2bcab394b5b48994af2d8b2ab77a06d105927646e3035c245
- SSDEEP
  
  384:d9ck0HH+Kmnao1ZKlPqsHT6wmWZXnzVGDryNvW:d9NWHFm9YPq4qWZXnzVsWZ
Score

8^/10

discovery evasion persistence
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

discoveryevasionpersistence