88a8de0c33a05b33b7af51946d4461a18e112b00cb129081592f605bb4a0cfef | Triage

Sharing

Copy URL Twitter E-mail

General

Target

280ca99ac7f4ce7f3c2ab3311e3064fe_JaffaCakes118
Size

228KB
Sample

241009-a9x6dswblj
MD5

280ca99ac7f4ce7f3c2ab3311e3064fe
SHA1

37ad20cf937f007babe0d0b13dd1214ea175b71d
SHA256

88a8de0c33a05b33b7af51946d4461a18e112b00cb129081592f605bb4a0cfef
SHA512

9a099e911dc2800b8bd2bc5fdef3778f5379522efc6f5cedcc5e04ce45d34a1fea72a1db4eef9dbe1c2c10ba973fde815bd606d17ce977fc025ca0f8f03c4090
SSDEEP

6144:HPcKRbK6P03AupxI6zG3VgSH7N+kWRNh0/71GJ6:ZP0QgxImG3VgSH7YZNi/P

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  280ca99ac7f4ce7f3c2ab3311e3064fe_JaffaCakes118
- Size
  
  228KB
- MD5
  
  280ca99ac7f4ce7f3c2ab3311e3064fe
- SHA1
  
  37ad20cf937f007babe0d0b13dd1214ea175b71d
- SHA256
  
  88a8de0c33a05b33b7af51946d4461a18e112b00cb129081592f605bb4a0cfef
- SHA512
  
  9a099e911dc2800b8bd2bc5fdef3778f5379522efc6f5cedcc5e04ce45d34a1fea72a1db4eef9dbe1c2c10ba973fde815bd606d17ce977fc025ca0f8f03c4090
- SSDEEP
  
  6144:HPcKRbK6P03AupxI6zG3VgSH7N+kWRNh0/71GJ6:ZP0QgxImG3VgSH7YZNi/P
Score

7^/10

discovery persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2