9ba77bb7aa0466acbdbd19a1f7695e17ca642f059ed1197403641a7b98dcae96 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d67639eaa3e6e19d26ff2f39d67dd20_JaffaCakes118
Size

451KB
Sample

241009-jjx75svfnq
MD5

2d67639eaa3e6e19d26ff2f39d67dd20
SHA1

1424d302cc31eb1911e16e2ae23b8b2c4bf1da9e
SHA256

9ba77bb7aa0466acbdbd19a1f7695e17ca642f059ed1197403641a7b98dcae96
SHA512

65deb6b7f8d09e5962d0bdd9f27cd4b9da5f3c2b1dd0a48f87f27cae751f585987f2c100d6cdf7248e0068dd6a63c4a202a270ec0052c8d2a26e50f0c2612fcd
SSDEEP

6144:J8hPTzqmesnHJ9a6JwSq0ZSgkFsfqQ0p5cm7a4PqGfUvc0tnWgyWkqc:J8lzl9q6/S5F7DXbdUU0AHWkqc

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  2d67639eaa3e6e19d26ff2f39d67dd20_JaffaCakes118
- Size
  
  451KB
- MD5
  
  2d67639eaa3e6e19d26ff2f39d67dd20
- SHA1
  
  1424d302cc31eb1911e16e2ae23b8b2c4bf1da9e
- SHA256
  
  9ba77bb7aa0466acbdbd19a1f7695e17ca642f059ed1197403641a7b98dcae96
- SHA512
  
  65deb6b7f8d09e5962d0bdd9f27cd4b9da5f3c2b1dd0a48f87f27cae751f585987f2c100d6cdf7248e0068dd6a63c4a202a270ec0052c8d2a26e50f0c2612fcd
- SSDEEP
  
  6144:J8hPTzqmesnHJ9a6JwSq0ZSgkFsfqQ0p5cm7a4PqGfUvc0tnWgyWkqc:J8lzl9q6/S5F7DXbdUU0AHWkqc
Score

8^/10

discovery persistence
- Sets service image path in registry
  persistence
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence