0a14608caef9db3670d6e9830e2f9fa902f258db28f3b5ca638e9da3a5bcaf6b | Triage

Sharing

General

Target

27c0cc7bdd4d1ca55a6b13a194a0c23c_JaffaCakes118
Size

27KB
Sample

241009-atbmfsxgjf
MD5

27c0cc7bdd4d1ca55a6b13a194a0c23c
SHA1

da4141b57936b0e1ec5e1446db7f22e50d22491a
SHA256

0a14608caef9db3670d6e9830e2f9fa902f258db28f3b5ca638e9da3a5bcaf6b
SHA512

42a4d81c44d235d552d5999e75403999c489b813b6de73cbc5cd8b5ca3dca6161c299c197a28d5d8a768b894680ce1fd0afc676d916fe5093c404a13e6617389
SSDEEP

768:jcK+J9zd264iPpE68nrNlqevx09vafZkhOG:oKS9R2Ghwp5IafZkhOG

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  27c0cc7bdd4d1ca55a6b13a194a0c23c_JaffaCakes118
- Size
  
  27KB
- MD5
  
  27c0cc7bdd4d1ca55a6b13a194a0c23c
- SHA1
  
  da4141b57936b0e1ec5e1446db7f22e50d22491a
- SHA256
  
  0a14608caef9db3670d6e9830e2f9fa902f258db28f3b5ca638e9da3a5bcaf6b
- SHA512
  
  42a4d81c44d235d552d5999e75403999c489b813b6de73cbc5cd8b5ca3dca6161c299c197a28d5d8a768b894680ce1fd0afc676d916fe5093c404a13e6617389
- SSDEEP
  
  768:jcK+J9zd264iPpE68nrNlqevx09vafZkhOG:oKS9R2Ghwp5IafZkhOG
Score

7^/10

discovery persistence
- Drops startup file
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence