gh0strat | 02d2b9857f10b2bcb97505110721d3c20198868ea3a67d437b12acacb353387f | Triage

Sharing

General

Target

JaffaCakes118_3ce865f4ddd2b3d5fd089c63f1e0a805
Size

114KB
Sample

250302-bm2ezazjv4
MD5

3ce865f4ddd2b3d5fd089c63f1e0a805
SHA1

e65efd74c9cb6d3f0f545a440480ad401ce616f3
SHA256

02d2b9857f10b2bcb97505110721d3c20198868ea3a67d437b12acacb353387f
SHA512

6e0e37f3d1b2668f6123a682b18edb5fa8e3fb46dfd15b0ec4ca76170f20db7c66911aa9552dec6bf52d54d1faa9a472a374782729cf82e1341967c68adaec78
SSDEEP

3072:IdpgMxsdSyg4TvtcMk8Lyzb8ckivlu5KxiCbmN:Mpl2GkGMkSgb8Svlu5KxON

Score

10^/10

gh0strat discovery persistence

Malware Config

Targets

- Target
  
  JaffaCakes118_3ce865f4ddd2b3d5fd089c63f1e0a805
- Size
  
  114KB
- MD5
  
  3ce865f4ddd2b3d5fd089c63f1e0a805
- SHA1
  
  e65efd74c9cb6d3f0f545a440480ad401ce616f3
- SHA256
  
  02d2b9857f10b2bcb97505110721d3c20198868ea3a67d437b12acacb353387f
- SHA512
  
  6e0e37f3d1b2668f6123a682b18edb5fa8e3fb46dfd15b0ec4ca76170f20db7c66911aa9552dec6bf52d54d1faa9a472a374782729cf82e1341967c68adaec78
- SSDEEP
  
  3072:IdpgMxsdSyg4TvtcMk8Lyzb8ckivlu5KxiCbmN:Mpl2GkGMkSgb8Svlu5KxON
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence