86717353cdb9075df5d4deba2b63ae2d5d47c07b66c1dd822d089729b897b01a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f423d22f159f07f55079010b785e596a_JaffaCakes118
Size

130KB
Sample

240416-xt4dssbf6t
MD5

f423d22f159f07f55079010b785e596a
SHA1

1192dfada698a20c321cfe048d28fa6f7c310f9d
SHA256

86717353cdb9075df5d4deba2b63ae2d5d47c07b66c1dd822d089729b897b01a
SHA512

f6b5e05c3c7df7ec7b9303b91d14161c89b8ec3236cfa973ea82c91266fad5d8a405c53b44c62c39bc9d3c08ed2eff876690c784a6e518685a31c3c1ff5003ba
SSDEEP

3072:mP9f5c7G22OxGaXeGFdQTRVC12OknBm+GqmMewhY:C5c7G22OxGaXeGFdQTS7ss+8OY

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  f423d22f159f07f55079010b785e596a_JaffaCakes118
- Size
  
  130KB
- MD5
  
  f423d22f159f07f55079010b785e596a
- SHA1
  
  1192dfada698a20c321cfe048d28fa6f7c310f9d
- SHA256
  
  86717353cdb9075df5d4deba2b63ae2d5d47c07b66c1dd822d089729b897b01a
- SHA512
  
  f6b5e05c3c7df7ec7b9303b91d14161c89b8ec3236cfa973ea82c91266fad5d8a405c53b44c62c39bc9d3c08ed2eff876690c784a6e518685a31c3c1ff5003ba
- SSDEEP
  
  3072:mP9f5c7G22OxGaXeGFdQTRVC12OknBm+GqmMewhY:C5c7G22OxGaXeGFdQTS7ss+8OY
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2