48bd3699a584d5689afe81ec8df0bd8ac63653a1242ecb52b53efcb6c167c899 | Triage

Sharing

General

Target

000233e0df94dce78f3e011aa7a0e4b1_JaffaCakes118
Size

64KB
Sample

240930-henbpsvfre
MD5

000233e0df94dce78f3e011aa7a0e4b1
SHA1

3593c5e3e796968134db0091582d40c4160ed202
SHA256

48bd3699a584d5689afe81ec8df0bd8ac63653a1242ecb52b53efcb6c167c899
SHA512

5321bc4a3c1fac18d246cb1cd67ac85ccc0f2d3748fbaee0b298fedc5c0e90daca9a85276e8720124ab2c31420ebb90c112a123cc11e29857ef4feb4e6a5c0aa
SSDEEP

384:lqa10DFQ1WqYuu6j2DeB/6mJCtGJnyQTeRSWVWByuIFBKWJB:lqaODFq6F6WWSdwybSWQ6T

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  000233e0df94dce78f3e011aa7a0e4b1_JaffaCakes118
- Size
  
  64KB
- MD5
  
  000233e0df94dce78f3e011aa7a0e4b1
- SHA1
  
  3593c5e3e796968134db0091582d40c4160ed202
- SHA256
  
  48bd3699a584d5689afe81ec8df0bd8ac63653a1242ecb52b53efcb6c167c899
- SHA512
  
  5321bc4a3c1fac18d246cb1cd67ac85ccc0f2d3748fbaee0b298fedc5c0e90daca9a85276e8720124ab2c31420ebb90c112a123cc11e29857ef4feb4e6a5c0aa
- SSDEEP
  
  384:lqa10DFQ1WqYuu6j2DeB/6mJCtGJnyQTeRSWVWByuIFBKWJB:lqaODFq6F6WWSdwybSWQ6T
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence