12e488be01c536228338c2ea8394f037abe120196da30532f1d206f7ac9c9448 | Triage

Sharing

General

Target

JaffaCakes118_174e8b5b7c9b026c2042a57485f898b7
Size

545KB
Sample

250222-e9plgaxphv
MD5

174e8b5b7c9b026c2042a57485f898b7
SHA1

777c745a4cac5d0e8f36a55c65ff075b21c172ba
SHA256

12e488be01c536228338c2ea8394f037abe120196da30532f1d206f7ac9c9448
SHA512

4ccbcc3ac922a360785e5e6a9425840ad38f27cc2d179cf05085d20d03bfef86ec21c34427d493b1feeb5acbbd47d6d005794c96092977e78b3533cc48606457
SSDEEP

12288:3x3e/gePRsOtY/JO2kgV/qjWs9yQsVSzUc:B3Iv7tY/Mbg6WslsVn

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  JaffaCakes118_174e8b5b7c9b026c2042a57485f898b7
- Size
  
  545KB
- MD5
  
  174e8b5b7c9b026c2042a57485f898b7
- SHA1
  
  777c745a4cac5d0e8f36a55c65ff075b21c172ba
- SHA256
  
  12e488be01c536228338c2ea8394f037abe120196da30532f1d206f7ac9c9448
- SHA512
  
  4ccbcc3ac922a360785e5e6a9425840ad38f27cc2d179cf05085d20d03bfef86ec21c34427d493b1feeb5acbbd47d6d005794c96092977e78b3533cc48606457
- SSDEEP
  
  12288:3x3e/gePRsOtY/JO2kgV/qjWs9yQsVSzUc:B3Iv7tY/Mbg6WslsVn
Score

8^/10

discovery persistence
- Adds policy Run key to start application
  persistence
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence