76e6059ea51d3fc254a58628534aaf07584be45ffefd796ae40090ad08ef50bb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09e75e6286233f0414c0b447de2f3443_JaffaCakes118
Size

335KB
Sample

240624-v84a8svapf
MD5

09e75e6286233f0414c0b447de2f3443
SHA1

c9b48940f986679a58b16a3a9e2b32bf4f464931
SHA256

76e6059ea51d3fc254a58628534aaf07584be45ffefd796ae40090ad08ef50bb
SHA512

f600c6eb36e75c9e4632eefafc3b5fe2d60a633aaf530502058a6526fdc7eededbbbda191b37b02779a797c40a999b1d5a951218773e845ef7051c0749e4a3df
SSDEEP

6144:7DXDBMJyAJHQ5SHJuqwKf+bUkug1to88ou6MAllX9glIs:7DXDQHQ55qxGbUOto88DOtCv

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  09e75e6286233f0414c0b447de2f3443_JaffaCakes118
- Size
  
  335KB
- MD5
  
  09e75e6286233f0414c0b447de2f3443
- SHA1
  
  c9b48940f986679a58b16a3a9e2b32bf4f464931
- SHA256
  
  76e6059ea51d3fc254a58628534aaf07584be45ffefd796ae40090ad08ef50bb
- SHA512
  
  f600c6eb36e75c9e4632eefafc3b5fe2d60a633aaf530502058a6526fdc7eededbbbda191b37b02779a797c40a999b1d5a951218773e845ef7051c0749e4a3df
- SSDEEP
  
  6144:7DXDBMJyAJHQ5SHJuqwKf+bUkug1to88ou6MAllX9glIs:7DXDQHQ55qxGbUOto88DOtCv
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2