ef34fb92dbca352d6b395b6b6ab3fe6566ed09316c67b6439d8321f7ee8a340f | Triage

Sharing

General

Target

40ee44e8642afd9e04294da415c7dd1d_JaffaCakes118
Size

50KB
Sample

241013-t5m96swfje
MD5

40ee44e8642afd9e04294da415c7dd1d
SHA1

a9a348ca9548e44b1054d40b42298e74166c8b56
SHA256

ef34fb92dbca352d6b395b6b6ab3fe6566ed09316c67b6439d8321f7ee8a340f
SHA512

8ccfa088c3783512e8968f6736e0b4439d215120dd18e6c15fcfe53087ac0e81d2d5d465101379b42e06e249f3ed0cb67e5aa72aa639af29a5c967b6d838dfa6
SSDEEP

768:eQJmE666HqpuAu7iJaJzzeWNWm9R7/fW6sQu4n91xJucYXsiDK+yvn4LZMp:eQUE56KpuAB4zeWRn7/fK0xgvsn4o

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  40ee44e8642afd9e04294da415c7dd1d_JaffaCakes118
- Size
  
  50KB
- MD5
  
  40ee44e8642afd9e04294da415c7dd1d
- SHA1
  
  a9a348ca9548e44b1054d40b42298e74166c8b56
- SHA256
  
  ef34fb92dbca352d6b395b6b6ab3fe6566ed09316c67b6439d8321f7ee8a340f
- SHA512
  
  8ccfa088c3783512e8968f6736e0b4439d215120dd18e6c15fcfe53087ac0e81d2d5d465101379b42e06e249f3ed0cb67e5aa72aa639af29a5c967b6d838dfa6
- SSDEEP
  
  768:eQJmE666HqpuAu7iJaJzzeWNWm9R7/fW6sQu4n91xJucYXsiDK+yvn4LZMp:eQUE56KpuAB4zeWRn7/fK0xgvsn4o
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Deletes itself
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence