723bd965799be0155e306ff70a102c15c997e3a8bdf8ee0a7b8ab2c8112a2b9c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07508e746c6a7f3758998bd97b8f608b_JaffaCakes118
Size

333KB
Sample

240620-syvj8svcph
MD5

07508e746c6a7f3758998bd97b8f608b
SHA1

e5a31e1a46f677f5926046e5a1edf002a34ac09e
SHA256

723bd965799be0155e306ff70a102c15c997e3a8bdf8ee0a7b8ab2c8112a2b9c
SHA512

cd7d76718682fbf4a337052467b4bb45f8a9c4b2ab684891df5c4e04d1f46ea4bdac1e51d3c463c97dbe147b274b598929d3341ca6d916a151e952476c9f4729
SSDEEP

6144:Z80UKaRzEfaGOH16F1xx+rHMYbvcOdNS0KCGOgmLArll67y0vAbGRB1ze0:Z80UKaRIwH16Dxxsxvck6Ogm6ll62oRH

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  07508e746c6a7f3758998bd97b8f608b_JaffaCakes118
- Size
  
  333KB
- MD5
  
  07508e746c6a7f3758998bd97b8f608b
- SHA1
  
  e5a31e1a46f677f5926046e5a1edf002a34ac09e
- SHA256
  
  723bd965799be0155e306ff70a102c15c997e3a8bdf8ee0a7b8ab2c8112a2b9c
- SHA512
  
  cd7d76718682fbf4a337052467b4bb45f8a9c4b2ab684891df5c4e04d1f46ea4bdac1e51d3c463c97dbe147b274b598929d3341ca6d916a151e952476c9f4729
- SSDEEP
  
  6144:Z80UKaRzEfaGOH16F1xx+rHMYbvcOdNS0KCGOgmLArll67y0vAbGRB1ze0:Z80UKaRIwH16Dxxsxvck6Ogm6ll62oRH
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2