e509dac46439a5a8d855817219e569054ccbe01e964179650c4b0b6e3b7bb4be | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ec2896437c9b47c021ab719cd67b28c_JaffaCakes118
Size

90KB
Sample

241013-j5lq8swgjh
MD5

3ec2896437c9b47c021ab719cd67b28c
SHA1

eb0d773cc3b53936585e1f898c291548f23b2005
SHA256

e509dac46439a5a8d855817219e569054ccbe01e964179650c4b0b6e3b7bb4be
SHA512

642302b11e5ffeb07e7ca716309cab8958a69b475af63855d9fbf62d12e1f05926018be99fa4beeda0f4ee53b2ffebb3cdf378fea02994debd976761ec79f628
SSDEEP

1536:fD9FGHFf77u+nAWhc03ENV0CpoWFvd9bXGW+GFR512EJku7pTJjbRvWHgcci20lz:fRFqfn1u0SoWvxXGW+sR/2MkUBpWEgP

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  PersistencyMonitor.exe
- Size
  
  128KB
- MD5
  
  54d3979b6bab76559006aa8009e09929
- SHA1
  
  af70333cd80add67c6ceae6ee9035357b63e9988
- SHA256
  
  a73c8dac720f0b7744bfce66293569c37036696a84bf7428c03592695baf04ad
- SHA512
  
  0e48b24c6d0f39deb6295b431b20f5d8851396e6dcc35c020dbef4f12af25096e03184d9a17090bc1fbd0ab62ef0deadaed14bd6a114232f60ec995b1518ccc9
- SSDEEP
  
  3072:Lv/QJLQ0Vk1a0Eg5gomJu1ZAlXktl0bzEeUR:LQeEg5goMu1Zk00bzEeUR
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2
- Target
  
  PlaceHolder.exe
- Size
  
  96KB
- MD5
  
  b16fbff8d86f5c8ed56df61451dd7fe7
- SHA1
  
  2685171e148b5dc3d5e5a38d7208150b0fdb016f
- SHA256
  
  aadad8f36c082aa9bdc8ab48ce4ad21468a0ec0906d0711fa920fb62ec1bdc11
- SHA512
  
  7301a62fb58ad18c81aee5b9cdd714274d0c321e3c9f1ee12ca4d809ef1adeab34eda3c108d74675777fd199f9eadedd879e5127d1c3a6a9d2eced62af4a45df
- SSDEEP
  
  1536:N6qqecokCDt1QCiWcxbaxog+RAW13/XfLax7pvMO/0Uo:gecokytlGb/RbeaO/0Uo
Score

6^/10

persistence discovery
- Adds Run key to start application
  persistence
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence

behavioral3

behavioral4

discoverypersistence