gh0strat | 48ac4d271dff5e0f7dd3ec342cd47d196f984555ea82eaff659e2b137c4a656d | Triage

Sharing

General

Target

JaffaCakes118_3cdbf018e0e970a88f33d38b4a4dd548
Size

114KB
Sample

250302-bfx4zayvgt
MD5

3cdbf018e0e970a88f33d38b4a4dd548
SHA1

80d89748b625d743215b31f8db4650ee22b33f97
SHA256

48ac4d271dff5e0f7dd3ec342cd47d196f984555ea82eaff659e2b137c4a656d
SHA512

68006d0e55f62a4f747ae862a6eda6797674ac57ec06a685af3ab93357bff2a1a9afb64d2c7881bf29acc1f8232b9494ad78dbeee236cd402ac26431361eb8c3
SSDEEP

3072:IdpgMxsdSyg4TvtcMk8Lyzb8ckivlu5KgiCbmN:Mpl2GkGMkSgb8Svlu5KgON

Score

10^/10

gh0strat discovery persistence

Malware Config

Targets

- Target
  
  JaffaCakes118_3cdbf018e0e970a88f33d38b4a4dd548
- Size
  
  114KB
- MD5
  
  3cdbf018e0e970a88f33d38b4a4dd548
- SHA1
  
  80d89748b625d743215b31f8db4650ee22b33f97
- SHA256
  
  48ac4d271dff5e0f7dd3ec342cd47d196f984555ea82eaff659e2b137c4a656d
- SHA512
  
  68006d0e55f62a4f747ae862a6eda6797674ac57ec06a685af3ab93357bff2a1a9afb64d2c7881bf29acc1f8232b9494ad78dbeee236cd402ac26431361eb8c3
- SSDEEP
  
  3072:IdpgMxsdSyg4TvtcMk8Lyzb8ckivlu5KgiCbmN:Mpl2GkGMkSgb8Svlu5KgON
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence