06cce93a2695dd6f4d3ac92cbe2570ceea5d780e316c1e62f2c4786db3c72236 | Triage

Sharing

General

Target

43f80c13eba1c24db5b886b1ef80171f_JaffaCakes118
Size

23KB
Sample

241014-ywx58stfpd
MD5

43f80c13eba1c24db5b886b1ef80171f
SHA1

628c306f413540ef61ac46ba99265743ed775c62
SHA256

06cce93a2695dd6f4d3ac92cbe2570ceea5d780e316c1e62f2c4786db3c72236
SHA512

e009479cf1328a212c009f50a575d1f3eee978443399e498dea0a313847d5ab76aca3fa2098883aa6b1264931238971145ee2f4df5675398aea0cca3408060cc
SSDEEP

384:UsyIO9nHedQMvezk0xmIGz0+/o/PaMM8u8f/axPYzzAWiw4gdbdBMD6uI6loA:kj84frG4+OCVa/axmViwFdBMOuIE

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  43f80c13eba1c24db5b886b1ef80171f_JaffaCakes118
- Size
  
  23KB
- MD5
  
  43f80c13eba1c24db5b886b1ef80171f
- SHA1
  
  628c306f413540ef61ac46ba99265743ed775c62
- SHA256
  
  06cce93a2695dd6f4d3ac92cbe2570ceea5d780e316c1e62f2c4786db3c72236
- SHA512
  
  e009479cf1328a212c009f50a575d1f3eee978443399e498dea0a313847d5ab76aca3fa2098883aa6b1264931238971145ee2f4df5675398aea0cca3408060cc
- SSDEEP
  
  384:UsyIO9nHedQMvezk0xmIGz0+/o/PaMM8u8f/axPYzzAWiw4gdbdBMD6uI6loA:kj84frG4+OCVa/axmViwFdBMOuIE
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence