cb261a506b111d4007e82b3e71e4da57b889a1482bfa2093afecd95e9531827b | Triage

Sharing

General

Target

0990e32b124536c31ef5d775c56e8963_JaffaCakes118
Size

156KB
Sample

240620-1n5lfssfml
MD5

0990e32b124536c31ef5d775c56e8963
SHA1

62c4ccd65452c38a663b96e4a60f3cea471afbac
SHA256

cb261a506b111d4007e82b3e71e4da57b889a1482bfa2093afecd95e9531827b
SHA512

3553a2c0846e0f774736991b424d92a11e33d2594ffc04655a6c7e84ba590f5365f24ffd7173b74221616b41724b5ab4d59a9e77eea294be1da0cb05377d1583
SSDEEP

3072:H0gEMwy3BDoBeIxlegNV4w+bAoO659Ex+kLMFoJMuh/1U1u3:H2LWB+e2j0DXEx+kwoJMufAu

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  0990e32b124536c31ef5d775c56e8963_JaffaCakes118
- Size
  
  156KB
- MD5
  
  0990e32b124536c31ef5d775c56e8963
- SHA1
  
  62c4ccd65452c38a663b96e4a60f3cea471afbac
- SHA256
  
  cb261a506b111d4007e82b3e71e4da57b889a1482bfa2093afecd95e9531827b
- SHA512
  
  3553a2c0846e0f774736991b424d92a11e33d2594ffc04655a6c7e84ba590f5365f24ffd7173b74221616b41724b5ab4d59a9e77eea294be1da0cb05377d1583
- SSDEEP
  
  3072:H0gEMwy3BDoBeIxlegNV4w+bAoO659Ex+kLMFoJMuh/1U1u3:H2LWB+e2j0DXEx+kwoJMufAu
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2