41ba40a72b398e5aefd77493c194f54c40046c3edafa0e01fe7ce56e6edb50a3 | Triage

Sharing

General

Target

43c890b977f448179da773c6c5b05519_JaffaCakes118
Size

560KB
Sample

241014-x1aeas1hpa
MD5

43c890b977f448179da773c6c5b05519
SHA1

b724ea6d22ae138900dd50ee4ff8b2bbeffeca20
SHA256

41ba40a72b398e5aefd77493c194f54c40046c3edafa0e01fe7ce56e6edb50a3
SHA512

75fc31522d5607860ce1491c39b0d44626e93ad225a3d572cc5570c0a8762918b7690d4b2dff77fb7dbb1af151f2a35c53021684d5855721326975f1c4d17fcc
SSDEEP

6144:81oIzYiodjCtl+tmC/cFIrpGn1ET46SpLdCoCCKa2qD93tGZIH1Yixb7O:CoTRCtlkc6tGaewpZq59GZIHOEPO

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  43c890b977f448179da773c6c5b05519_JaffaCakes118
- Size
  
  560KB
- MD5
  
  43c890b977f448179da773c6c5b05519
- SHA1
  
  b724ea6d22ae138900dd50ee4ff8b2bbeffeca20
- SHA256
  
  41ba40a72b398e5aefd77493c194f54c40046c3edafa0e01fe7ce56e6edb50a3
- SHA512
  
  75fc31522d5607860ce1491c39b0d44626e93ad225a3d572cc5570c0a8762918b7690d4b2dff77fb7dbb1af151f2a35c53021684d5855721326975f1c4d17fcc
- SSDEEP
  
  6144:81oIzYiodjCtl+tmC/cFIrpGn1ET46SpLdCoCCKa2qD93tGZIH1Yixb7O:CoTRCtlkc6tGaewpZq59GZIHOEPO
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2