daf0bfc7ab2e768022e049b0b739d72c220e2ffd8efe3404b42389445b65e897 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ce25174ff1ec23bfc1e88afd5d1bd0a_JaffaCakes118
Size

196KB
Sample

241002-3ea2lasfkj
MD5

0ce25174ff1ec23bfc1e88afd5d1bd0a
SHA1

bded874052baa8cad0992775838ccfa23cb637fe
SHA256

daf0bfc7ab2e768022e049b0b739d72c220e2ffd8efe3404b42389445b65e897
SHA512

fc6d83e659f545d079f370c42365e6490dae0985089b9e6d5c83d670af0199ee7676f326b664c2f019adab5afdd0283992a406f64f1c7c0b0be0dd41b80e00de
SSDEEP

1536:/FWldhQVgd54v9+nxSl8w/Wm054vTgzQ:AlL7NcRidz

Score

10^/10

discovery evasion persistence

Malware Config

Targets

- Target
  
  0ce25174ff1ec23bfc1e88afd5d1bd0a_JaffaCakes118
- Size
  
  196KB
- MD5
  
  0ce25174ff1ec23bfc1e88afd5d1bd0a
- SHA1
  
  bded874052baa8cad0992775838ccfa23cb637fe
- SHA256
  
  daf0bfc7ab2e768022e049b0b739d72c220e2ffd8efe3404b42389445b65e897
- SHA512
  
  fc6d83e659f545d079f370c42365e6490dae0985089b9e6d5c83d670af0199ee7676f326b664c2f019adab5afdd0283992a406f64f1c7c0b0be0dd41b80e00de
- SSDEEP
  
  1536:/FWldhQVgd54v9+nxSl8w/Wm054vTgzQ:AlL7NcRidz
Score

10^/10

discovery evasion persistence
- Modifies visibility of file extensions in Explorer
  evasion
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

discoveryevasionpersistence