02172dbdfd9bc144ef348003c83684b20902f4e9dd37c09008fc21386254fba7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

463a9b78cbdcadc667cbd4f4ca49bf8d_JaffaCakes118
Size

87KB
Sample

241015-g2g8jayhmh
MD5

463a9b78cbdcadc667cbd4f4ca49bf8d
SHA1

3919c17a3227ccf802ba44f7ecc3924dc3335ae7
SHA256

02172dbdfd9bc144ef348003c83684b20902f4e9dd37c09008fc21386254fba7
SHA512

822a02895f768d0ccbc965cdd0618b195c0e2cce123c47b3c2daa9cd1e6c120faeba6b2216b3dba46390d8494ced278e10c72a193a5fe7c291ab354285748917
SSDEEP

1536:zf2F43TyjvWXu298/X0IcYV36TjdhBTFw8gns94GCVl1lhte/:zuaezcm3oXPgsvCJl3e/

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  463a9b78cbdcadc667cbd4f4ca49bf8d_JaffaCakes118
- Size
  
  87KB
- MD5
  
  463a9b78cbdcadc667cbd4f4ca49bf8d
- SHA1
  
  3919c17a3227ccf802ba44f7ecc3924dc3335ae7
- SHA256
  
  02172dbdfd9bc144ef348003c83684b20902f4e9dd37c09008fc21386254fba7
- SHA512
  
  822a02895f768d0ccbc965cdd0618b195c0e2cce123c47b3c2daa9cd1e6c120faeba6b2216b3dba46390d8494ced278e10c72a193a5fe7c291ab354285748917
- SSDEEP
  
  1536:zf2F43TyjvWXu298/X0IcYV36TjdhBTFw8gns94GCVl1lhte/:zuaezcm3oXPgsvCJl3e/
Score

6^/10

persistence discovery
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2