4ae814256fb025355b983e0d962d4cb5857968a3ab2b3ca160373b8d5626305e | Triage

Sharing

General

Target

8a2c1b0d9595f4f9e78ff7d0789d2581_JaffaCakes118
Size

1.7MB
Sample

240601-me6v9shh2v
MD5

8a2c1b0d9595f4f9e78ff7d0789d2581
SHA1

3201c5e5c643bcab5d1a3d1584fd365e49f00670
SHA256

4ae814256fb025355b983e0d962d4cb5857968a3ab2b3ca160373b8d5626305e
SHA512

e274bb0d161fe1af266bab8c68fe3a0e8554f7cdb6c9678560da28ccc41a5748218e3af2d89ffdd466914b11def0b152835a9547a9887321cd468bdaa3095cdf
SSDEEP

24576:w+6UW9BQiwAuC7/hJ9AOpuHGRqlBeSOaQevXF5RI5/yBE8FF9:r6UWDnxJeGRqlASOaXFgCF9

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  8a2c1b0d9595f4f9e78ff7d0789d2581_JaffaCakes118
- Size
  
  1.7MB
- MD5
  
  8a2c1b0d9595f4f9e78ff7d0789d2581
- SHA1
  
  3201c5e5c643bcab5d1a3d1584fd365e49f00670
- SHA256
  
  4ae814256fb025355b983e0d962d4cb5857968a3ab2b3ca160373b8d5626305e
- SHA512
  
  e274bb0d161fe1af266bab8c68fe3a0e8554f7cdb6c9678560da28ccc41a5748218e3af2d89ffdd466914b11def0b152835a9547a9887321cd468bdaa3095cdf
- SSDEEP
  
  24576:w+6UW9BQiwAuC7/hJ9AOpuHGRqlBeSOaQevXF5RI5/yBE8FF9:r6UWDnxJeGRqlASOaXFgCF9
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2