2341e219a4f0a093d41a5e0ed06f9bf29018bce746076ae1aee2d2694580237f | Triage

Sharing

General

Target

69348937a51e422014c5b459bf3eb3e6_JaffaCakes118
Size

290KB
Sample

240523-a8p4dsff52
MD5

69348937a51e422014c5b459bf3eb3e6
SHA1

097b7e45db2205d375cd1a2f9227b9a2b903c897
SHA256

2341e219a4f0a093d41a5e0ed06f9bf29018bce746076ae1aee2d2694580237f
SHA512

206208526995f7f6f2820347e7a68fbeeee62984024e50733096b51700327339ba26b16676ebbc4564c9baf8596fb95bad63e7607cf23c14a5eb5110bec36e3d
SSDEEP

6144:5fsOV09Du+Rc9DMQtc9LMojzmx1i68Nbk67pkkDvarkdYLx3IhpDM:JX2C9DGh1wi6AkephDv1Y13QpDM

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  69348937a51e422014c5b459bf3eb3e6_JaffaCakes118
- Size
  
  290KB
- MD5
  
  69348937a51e422014c5b459bf3eb3e6
- SHA1
  
  097b7e45db2205d375cd1a2f9227b9a2b903c897
- SHA256
  
  2341e219a4f0a093d41a5e0ed06f9bf29018bce746076ae1aee2d2694580237f
- SHA512
  
  206208526995f7f6f2820347e7a68fbeeee62984024e50733096b51700327339ba26b16676ebbc4564c9baf8596fb95bad63e7607cf23c14a5eb5110bec36e3d
- SSDEEP
  
  6144:5fsOV09Du+Rc9DMQtc9LMojzmx1i68Nbk67pkkDvarkdYLx3IhpDM:JX2C9DGh1wi6AkephDv1Y13QpDM
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2