d431868df67dd9926e404c8a62de3d14c80ac262c8e312ed4610640d43bc744b | Triage

Sharing

General

Target

eb86f59c8b5b2a861ea8759f75a42f7d_JaffaCakes118
Size

77KB
Sample

240410-t9zh1ahd2y
MD5

eb86f59c8b5b2a861ea8759f75a42f7d
SHA1

ee76cd1b0a1c203c70581bdd7f5ef5c3fe2a4457
SHA256

d431868df67dd9926e404c8a62de3d14c80ac262c8e312ed4610640d43bc744b
SHA512

db20b68cd97443ef8aabf7204b8590bc4945b45eef45e4c8a1ec6cfddb1a554e08f6f875bc915bdbdbc4b553b3e52a11d2da25dbff4ca870c591b62f0547576a
SSDEEP

1536:THxlumK+oPpCnlB5XjZ5YHINO/AQh69UyibUqS:DumjoRCnjnGHPq91q

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  eb86f59c8b5b2a861ea8759f75a42f7d_JaffaCakes118
- Size
  
  77KB
- MD5
  
  eb86f59c8b5b2a861ea8759f75a42f7d
- SHA1
  
  ee76cd1b0a1c203c70581bdd7f5ef5c3fe2a4457
- SHA256
  
  d431868df67dd9926e404c8a62de3d14c80ac262c8e312ed4610640d43bc744b
- SHA512
  
  db20b68cd97443ef8aabf7204b8590bc4945b45eef45e4c8a1ec6cfddb1a554e08f6f875bc915bdbdbc4b553b3e52a11d2da25dbff4ca870c591b62f0547576a
- SSDEEP
  
  1536:THxlumK+oPpCnlB5XjZ5YHINO/AQh69UyibUqS:DumjoRCnjnGHPq91q
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2