e00016ae3f99c81e04e916f5476fc1d965f5553572f4b7b81c6d7f1209f8f807 | Triage

Sharing

General

Target

3a267cfdc8cb0a4126c439e028fc46b2_JaffaCakes118
Size

124KB
Sample

241012-p89v5awdpl
MD5

3a267cfdc8cb0a4126c439e028fc46b2
SHA1

7635d7ac8308155d259484461c9da243da18c6bd
SHA256

e00016ae3f99c81e04e916f5476fc1d965f5553572f4b7b81c6d7f1209f8f807
SHA512

1d2ae1a8a9e22ab5bbeda306faf5bb1fa29bf5704b57a19ee04fdac8173415d7449c7ac1cc2a719788c7cc5d183450624300e091bcf43a9cc45b0fe8298e470a
SSDEEP

768:/0xUM1fz0WPBTKLijLzwvxqbtAHG15hGzpAnvCZgWyrB8aywc+57Tyw0ewDteA4V:u5T6imGtFTR8BGgz6OiT6iX

Score

8^/10

discovery evasion persistence

Malware Config

Targets

- Target
  
  3a267cfdc8cb0a4126c439e028fc46b2_JaffaCakes118
- Size
  
  124KB
- MD5
  
  3a267cfdc8cb0a4126c439e028fc46b2
- SHA1
  
  7635d7ac8308155d259484461c9da243da18c6bd
- SHA256
  
  e00016ae3f99c81e04e916f5476fc1d965f5553572f4b7b81c6d7f1209f8f807
- SHA512
  
  1d2ae1a8a9e22ab5bbeda306faf5bb1fa29bf5704b57a19ee04fdac8173415d7449c7ac1cc2a719788c7cc5d183450624300e091bcf43a9cc45b0fe8298e470a
- SSDEEP
  
  768:/0xUM1fz0WPBTKLijLzwvxqbtAHG15hGzpAnvCZgWyrB8aywc+57Tyw0ewDteA4V:u5T6imGtFTR8BGgz6OiT6iX
Score

8^/10

discovery evasion persistence
- Disables RegEdit via registry modification
  evasion
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

discoveryevasionpersistence