238474a6849e58d1afbbba58a0ace99658bb8215981ea91786cf471f60426c5a | Triage

Sharing

General

Target

09b37bdadd9333e83c75d541f5918f1c_JaffaCakes118
Size

123KB
Sample

240624-vc7c1ssflc
MD5

09b37bdadd9333e83c75d541f5918f1c
SHA1

fc67d46454c18cb1b347167ffcd4bf0802d4499a
SHA256

238474a6849e58d1afbbba58a0ace99658bb8215981ea91786cf471f60426c5a
SHA512

7ba973808cf91a09bc068e2813d03f9d438398c71ee57bb19003f1aa776afd0cc8b6089190a4378b46ef7d220d5d9362e479290c49a2c8da08c7f91e4591637f
SSDEEP

3072:UCjAWZZeimww4uc72ZIVu/JMLcllXw5Ee6PGva:VjXZZdJw5JZ6LcAy

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  uaa.exe
- Size
  
  144KB
- MD5
  
  120cb6528cd6cd5d87c8091b549141e0
- SHA1
  
  1274d57af7e11f22361df7807ff5c213585b2aee
- SHA256
  
  4107ca25f7228c0aa5407b528fa6d48d10734c4ae72088a78857f77c8e289910
- SHA512
  
  58cbbeada86393d285b3a9501c226f98d761bd7ac0de67228af1b2a8586a1b81222f3fe8043f0a7ec5a9431b764634d2e1de98b0dce9bef682287cff76716963
- SSDEEP
  
  3072:8ozK+rVoJoikcb81aWZveimww4uc72ZIVu/JMLqllXw5Eec/Gv:8AKAQArZvdJw5JZ6LeA
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2