e18d70121edc20c5e9794cd9df72b1acf87c5f6ec578f09358b228448626dadf | Triage

Sharing

General

Target

13513237ce6a520fdffdfb80d5378328_JaffaCakes118
Size

694KB
Sample

241004-pdgk4atbjm
MD5

13513237ce6a520fdffdfb80d5378328
SHA1

551a78a3747334db651ec20ec12d6bd79c6ded1e
SHA256

e18d70121edc20c5e9794cd9df72b1acf87c5f6ec578f09358b228448626dadf
SHA512

b100d11d76b685691f4b717fa75271de81ddde429d99a287a9c71799d85fa8cc44049239f2bf11692d2789683618b7bda00861de46e9d5ad9b36ddc367c5783f
SSDEEP

12288:lPZOpr0l2bY0TPMQO2kYw4s6ulPfcZNpprxIEdvC0PZTWqWv3:tZOrA2EEPU2RwN6ulMZDVxIivNPZTWL/

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  13513237ce6a520fdffdfb80d5378328_JaffaCakes118
- Size
  
  694KB
- MD5
  
  13513237ce6a520fdffdfb80d5378328
- SHA1
  
  551a78a3747334db651ec20ec12d6bd79c6ded1e
- SHA256
  
  e18d70121edc20c5e9794cd9df72b1acf87c5f6ec578f09358b228448626dadf
- SHA512
  
  b100d11d76b685691f4b717fa75271de81ddde429d99a287a9c71799d85fa8cc44049239f2bf11692d2789683618b7bda00861de46e9d5ad9b36ddc367c5783f
- SSDEEP
  
  12288:lPZOpr0l2bY0TPMQO2kYw4s6ulPfcZNpprxIEdvC0PZTWqWv3:tZOrA2EEPU2RwN6ulMZDVxIivNPZTWL/
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2