0ec515a63aa8d8ad6f75e6b597cf50f0acb52c58d408af0e85f123c27241c2b4 | Triage

Sharing

General

Target

46789a1efe2d0f91cf78ae8bd810ecd4_JaffaCakes118
Size

13KB
Sample

241015-h7vlgs1hqa
MD5

46789a1efe2d0f91cf78ae8bd810ecd4
SHA1

fcabf90708377de8db81cd798cd13c86c900b6b4
SHA256

0ec515a63aa8d8ad6f75e6b597cf50f0acb52c58d408af0e85f123c27241c2b4
SHA512

91412a47dd015f53642eb58a46c2d22305efb48663148d380551d66537bca850b55c6ceb18eabc82b2a47da4989fc1872107271ca43bd5f44c5037036890ee67
SSDEEP

384:H0wW2OrRZtRZrtHnUd1z//VfoR6FLroR:H0j2OrRZtFnUjz//VgR6FLro

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  46789a1efe2d0f91cf78ae8bd810ecd4_JaffaCakes118
- Size
  
  13KB
- MD5
  
  46789a1efe2d0f91cf78ae8bd810ecd4
- SHA1
  
  fcabf90708377de8db81cd798cd13c86c900b6b4
- SHA256
  
  0ec515a63aa8d8ad6f75e6b597cf50f0acb52c58d408af0e85f123c27241c2b4
- SHA512
  
  91412a47dd015f53642eb58a46c2d22305efb48663148d380551d66537bca850b55c6ceb18eabc82b2a47da4989fc1872107271ca43bd5f44c5037036890ee67
- SSDEEP
  
  384:H0wW2OrRZtRZrtHnUd1z//VfoR6FLroR:H0j2OrRZtFnUjz//VgR6FLro
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence