c6f3ea1826d15d263514e4aa643cf6b75e7741f51eb6cdb9b2c9cea5402413f9 | Triage

Sharing

General

Target

52e95998840e4734c71bcd08e00fbde4_JaffaCakes118
Size

450KB
Sample

241017-wbe3tazgrl
MD5

52e95998840e4734c71bcd08e00fbde4
SHA1

310dc76196fba47d1a3749403f36ff632f994603
SHA256

c6f3ea1826d15d263514e4aa643cf6b75e7741f51eb6cdb9b2c9cea5402413f9
SHA512

ef99aa73cfa6ed7991397f82857635faafbf83c6d70573c77d53a5e577824d21a7fd64898fcdc3c577f3faaad61ddcd3a8c614de927cb46ce5c62e4916a146f1
SSDEEP

12288:d7w8UxTl8fl7+HKcGUYfvWet3H81Uvr0Xz59y:5DXcGUYXP30qiz7y

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  52e95998840e4734c71bcd08e00fbde4_JaffaCakes118
- Size
  
  450KB
- MD5
  
  52e95998840e4734c71bcd08e00fbde4
- SHA1
  
  310dc76196fba47d1a3749403f36ff632f994603
- SHA256
  
  c6f3ea1826d15d263514e4aa643cf6b75e7741f51eb6cdb9b2c9cea5402413f9
- SHA512
  
  ef99aa73cfa6ed7991397f82857635faafbf83c6d70573c77d53a5e577824d21a7fd64898fcdc3c577f3faaad61ddcd3a8c614de927cb46ce5c62e4916a146f1
- SSDEEP
  
  12288:d7w8UxTl8fl7+HKcGUYfvWet3H81Uvr0Xz59y:5DXcGUYXP30qiz7y
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2