ef85015c4730f147f93c697081c32049d959fe612fd291b0489eba9029884f6d | Triage

Sharing

General

Target

2e5e70f958c46e2f4681dbac6c9f2b74_JaffaCakes118
Size

48KB
Sample

241009-kzqnnssarq
MD5

2e5e70f958c46e2f4681dbac6c9f2b74
SHA1

77f96351909b93392cafb1002af4b682b2126848
SHA256

ef85015c4730f147f93c697081c32049d959fe612fd291b0489eba9029884f6d
SHA512

ee1ac114ae00b2c156f43294032a78a530af08ee79e50bd6eaf9ccb11da4c367f0c48b342d193c6beca2e0ab70b66be9aa20d0c62a87a16da48653994ff76121
SSDEEP

768:UlTgP2ANyLp5XIFbR0uY25BQkLJlwt7RV:UlTA1NI3W95B9otlV

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  2e5e70f958c46e2f4681dbac6c9f2b74_JaffaCakes118
- Size
  
  48KB
- MD5
  
  2e5e70f958c46e2f4681dbac6c9f2b74
- SHA1
  
  77f96351909b93392cafb1002af4b682b2126848
- SHA256
  
  ef85015c4730f147f93c697081c32049d959fe612fd291b0489eba9029884f6d
- SHA512
  
  ee1ac114ae00b2c156f43294032a78a530af08ee79e50bd6eaf9ccb11da4c367f0c48b342d193c6beca2e0ab70b66be9aa20d0c62a87a16da48653994ff76121
- SSDEEP
  
  768:UlTgP2ANyLp5XIFbR0uY25BQkLJlwt7RV:UlTA1NI3W95B9otlV
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Deletes itself
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence