d4c258a538b6ccdd09abf7b74a43f322760214d198146c8b34ff8aa1d7f2471f | Triage

Sharing

General

Target

ff945d1b82c4732295e45dcbf5352286_JaffaCakes118
Size

293KB
Sample

240930-atvqbsxhqk
MD5

ff945d1b82c4732295e45dcbf5352286
SHA1

700383cde8763449fe891de997b821a751fedca8
SHA256

d4c258a538b6ccdd09abf7b74a43f322760214d198146c8b34ff8aa1d7f2471f
SHA512

15226b979481a146b1f1923b65d12b69de9a91cc5d99a018db99b6018295ef1494b808452c6306c36ff6aab0c1988685d923920d53817cfff05acd7f7cae6081
SSDEEP

6144:KF89lfVHFmCjWmi1v8x4FYfhBwi2L+yotn7BIFOULE+gZpttABbw1/PRoR0:KF8PfVHFDWC4mfhDoHACO+ngttAw/Pqa

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  ff945d1b82c4732295e45dcbf5352286_JaffaCakes118
- Size
  
  293KB
- MD5
  
  ff945d1b82c4732295e45dcbf5352286
- SHA1
  
  700383cde8763449fe891de997b821a751fedca8
- SHA256
  
  d4c258a538b6ccdd09abf7b74a43f322760214d198146c8b34ff8aa1d7f2471f
- SHA512
  
  15226b979481a146b1f1923b65d12b69de9a91cc5d99a018db99b6018295ef1494b808452c6306c36ff6aab0c1988685d923920d53817cfff05acd7f7cae6081
- SSDEEP
  
  6144:KF89lfVHFmCjWmi1v8x4FYfhBwi2L+yotn7BIFOULE+gZpttABbw1/PRoR0:KF8PfVHFDWC4mfhDoHACO+ngttAw/Pqa
Score

7^/10

discovery persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence