01f88a52ff7c35a70dd2417bc335263712a040642b3b5dc2413fcd71bfcc85a9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07064788eeab48f455cf5d32dd938369_JaffaCakes118
Size

311KB
Sample

240620-sadxksxerj
MD5

07064788eeab48f455cf5d32dd938369
SHA1

38a65782421c181e0b70f8bdbe167f4e12618c72
SHA256

01f88a52ff7c35a70dd2417bc335263712a040642b3b5dc2413fcd71bfcc85a9
SHA512

17f29097ea6e65ff8968119fcc390718a73b7d43838046519ada7e692604e2ec3d6c8dda946a06cba364744c3fe6f5801bdb01f20f5172fbe2cd4b52128e888e
SSDEEP

6144:CqFzRH6nHWHrwD9OgfsLpcKC9bD0V8i68SxJLLpvSQNj7X7d+KGjgfH/HUV:z68Q8dc130VqvpvZj7LHGjof0

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  07064788eeab48f455cf5d32dd938369_JaffaCakes118
- Size
  
  311KB
- MD5
  
  07064788eeab48f455cf5d32dd938369
- SHA1
  
  38a65782421c181e0b70f8bdbe167f4e12618c72
- SHA256
  
  01f88a52ff7c35a70dd2417bc335263712a040642b3b5dc2413fcd71bfcc85a9
- SHA512
  
  17f29097ea6e65ff8968119fcc390718a73b7d43838046519ada7e692604e2ec3d6c8dda946a06cba364744c3fe6f5801bdb01f20f5172fbe2cd4b52128e888e
- SSDEEP
  
  6144:CqFzRH6nHWHrwD9OgfsLpcKC9bD0V8i68SxJLLpvSQNj7X7d+KGjgfH/HUV:z68Q8dc130VqvpvZj7LHGjof0
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2