6d1d2dc979d5e6a16b0b80ed502ab3c9bb9a8e2373dc6f74024ed369b341985e | Triage

Sharing

General

Target

fe85dfd6bcf07149a24f3238c0da4b85_JaffaCakes118
Size

794KB
Sample

240929-pmqv5axfjb
MD5

fe85dfd6bcf07149a24f3238c0da4b85
SHA1

a8111312339404aa78ce2534ed2119e02e74948a
SHA256

6d1d2dc979d5e6a16b0b80ed502ab3c9bb9a8e2373dc6f74024ed369b341985e
SHA512

416e2ee9c26cd19aaf96f861822ff482f5d2dbc94c6561712675de8b3f51aa495cbf2ecf00819fbb6ea457eed57eda6ccd1e8eb7edea0d78e6094311df579c0a
SSDEEP

12288:ty+rwDS9HQSlB0ucYCOPq3kHralaoLM8+NmrzUjPM8crvPpc:tPs29wS6TOfao8kNSAcrvPp

Score

7^/10

aspackv2 discovery persistence

Malware Config

Targets

- Target
  
  fe85dfd6bcf07149a24f3238c0da4b85_JaffaCakes118
- Size
  
  794KB
- MD5
  
  fe85dfd6bcf07149a24f3238c0da4b85
- SHA1
  
  a8111312339404aa78ce2534ed2119e02e74948a
- SHA256
  
  6d1d2dc979d5e6a16b0b80ed502ab3c9bb9a8e2373dc6f74024ed369b341985e
- SHA512
  
  416e2ee9c26cd19aaf96f861822ff482f5d2dbc94c6561712675de8b3f51aa495cbf2ecf00819fbb6ea457eed57eda6ccd1e8eb7edea0d78e6094311df579c0a
- SSDEEP
  
  12288:ty+rwDS9HQSlB0ucYCOPq3kHralaoLM8+NmrzUjPM8crvPpc:tPs29wS6TOfao8kNSAcrvPp
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence