gh0strat | 796219630fc3e24f622515c674379860e5dab09a87fad86116853ab3d814b2fa | Triage

Sharing

General

Target

JaffaCakes118_623603ffaae2d9f3c8e4d95bac4a1d1a
Size

119KB
Sample

250311-axn2ystpz7
MD5

623603ffaae2d9f3c8e4d95bac4a1d1a
SHA1

04747a700705dabf4b799d1da4f3c9e4be2ecb3d
SHA256

796219630fc3e24f622515c674379860e5dab09a87fad86116853ab3d814b2fa
SHA512

0e95b14168b885456c309e5cfaa0bca25167f3952929dcd38586b789bc168c3b6cf852e382cd2700cdecf33145059ca38757f2cb532ee880ce761f5601308962
SSDEEP

3072:5+RGr/IKKNwhTPu3FwuBcpS717iv83P8Xyb7:Awr/IK1PyZBYMGv83P8XQ

Score

10^/10

gh0strat discovery persistence

Malware Config

Targets

- Target
  
  JaffaCakes118_623603ffaae2d9f3c8e4d95bac4a1d1a
- Size
  
  119KB
- MD5
  
  623603ffaae2d9f3c8e4d95bac4a1d1a
- SHA1
  
  04747a700705dabf4b799d1da4f3c9e4be2ecb3d
- SHA256
  
  796219630fc3e24f622515c674379860e5dab09a87fad86116853ab3d814b2fa
- SHA512
  
  0e95b14168b885456c309e5cfaa0bca25167f3952929dcd38586b789bc168c3b6cf852e382cd2700cdecf33145059ca38757f2cb532ee880ce761f5601308962
- SSDEEP
  
  3072:5+RGr/IKKNwhTPu3FwuBcpS717iv83P8Xyb7:Awr/IK1PyZBYMGv83P8XQ
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence