b76ced50258cc7d4747151b2c9fef734ad3562c33f351fe9d10c8939f0567511 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1005cf86af3f0818d7986f8f2e1f3b0b_JaffaCakes118
Size

28KB
Sample

241003-wtlnbazalk
MD5

1005cf86af3f0818d7986f8f2e1f3b0b
SHA1

a559c680304cc921773a43e681356ea023ccc0b5
SHA256

b76ced50258cc7d4747151b2c9fef734ad3562c33f351fe9d10c8939f0567511
SHA512

1e7090068f8bef5d787ca8703e58a4278a1f0b637886f2b0102006eb607235c912c29df7ebfe6c662376b7e30e9592027dfc20a89e873416d76914dfd2d4c732
SSDEEP

96:XmWQjWL7NdbMildH6CjsnvkqBAiZpNp0RVm3/0SXzN1LYTusxVSU0:XmJsJdbMildD2vdCYpN8vWzN1LESU0

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  1005cf86af3f0818d7986f8f2e1f3b0b_JaffaCakes118
- Size
  
  28KB
- MD5
  
  1005cf86af3f0818d7986f8f2e1f3b0b
- SHA1
  
  a559c680304cc921773a43e681356ea023ccc0b5
- SHA256
  
  b76ced50258cc7d4747151b2c9fef734ad3562c33f351fe9d10c8939f0567511
- SHA512
  
  1e7090068f8bef5d787ca8703e58a4278a1f0b637886f2b0102006eb607235c912c29df7ebfe6c662376b7e30e9592027dfc20a89e873416d76914dfd2d4c732
- SSDEEP
  
  96:XmWQjWL7NdbMildH6CjsnvkqBAiZpNp0RVm3/0SXzN1LYTusxVSU0:XmJsJdbMildD2vdCYpN8vWzN1LESU0
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence