ee45dc835ad4e573520b72ff2562b54ef9e020d61e9047b62967267148cf6aa7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e56f7c973ec43c39242ee1b1e49ad39_JaffaCakes118
Size

12KB
Sample

241009-kx5d2swcqe
MD5

2e56f7c973ec43c39242ee1b1e49ad39
SHA1

0e577f1425c20822e24bab171836cc60ca53640e
SHA256

ee45dc835ad4e573520b72ff2562b54ef9e020d61e9047b62967267148cf6aa7
SHA512

13162e2e32faa10f2bb1fcf24cc2b065d9d0a845a646ebe9a570bfd47510962486ed6623125a35f6930f813575665260d9f7a8be0ed2f54fb8c6a58c213a637b
SSDEEP

192:+y0OvH8C0FlyDzfXmtq+dGjXKQtR4P2cOyg04LAH19h5uWpV0N1Wau8F4sl9CmXB:+oHyjyDjOGH4s0uALh5uW3d6AmX5Qds

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  2e56f7c973ec43c39242ee1b1e49ad39_JaffaCakes118
- Size
  
  12KB
- MD5
  
  2e56f7c973ec43c39242ee1b1e49ad39
- SHA1
  
  0e577f1425c20822e24bab171836cc60ca53640e
- SHA256
  
  ee45dc835ad4e573520b72ff2562b54ef9e020d61e9047b62967267148cf6aa7
- SHA512
  
  13162e2e32faa10f2bb1fcf24cc2b065d9d0a845a646ebe9a570bfd47510962486ed6623125a35f6930f813575665260d9f7a8be0ed2f54fb8c6a58c213a637b
- SSDEEP
  
  192:+y0OvH8C0FlyDzfXmtq+dGjXKQtR4P2cOyg04LAH19h5uWpV0N1Wau8F4sl9CmXB:+oHyjyDjOGH4s0uALh5uW3d6AmX5Qds
Score

8^/10

discovery persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence