1db0d528a7f28587b7b8a6bd34ff63780b4890caf9270d0106f97030a1aaf6a5 | Triage

Sharing

General

Target

055472864274589a3cf615051fc8ef1c_JaffaCakes118
Size

675KB
Sample

241001-ltsrhsxcke
MD5

055472864274589a3cf615051fc8ef1c
SHA1

f054a6feb7226ea5a7135433f72fb9b1b1bae92e
SHA256

1db0d528a7f28587b7b8a6bd34ff63780b4890caf9270d0106f97030a1aaf6a5
SHA512

b37b89a14e1c811a37d2c7cf1396d938d6b852da418ba9c1d479b9c84a546db215f794016a0168e034dd6884fb3297c7509de801da6a69e886a75d5f69cac210
SSDEEP

12288:kJ0p6T06/rm6agttTknjkxCdDLAvzV9FjG5DwtGUNzYkmv8PN:km6H/SSjMyvzVjG5kSkmG

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  055472864274589a3cf615051fc8ef1c_JaffaCakes118
- Size
  
  675KB
- MD5
  
  055472864274589a3cf615051fc8ef1c
- SHA1
  
  f054a6feb7226ea5a7135433f72fb9b1b1bae92e
- SHA256
  
  1db0d528a7f28587b7b8a6bd34ff63780b4890caf9270d0106f97030a1aaf6a5
- SHA512
  
  b37b89a14e1c811a37d2c7cf1396d938d6b852da418ba9c1d479b9c84a546db215f794016a0168e034dd6884fb3297c7509de801da6a69e886a75d5f69cac210
- SSDEEP
  
  12288:kJ0p6T06/rm6agttTknjkxCdDLAvzV9FjG5DwtGUNzYkmv8PN:km6H/SSjMyvzVjG5kSkmG
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence