e9114d3a81bb51030cfdd32d36521cf2bf1d698b903412cc72e65788b71ecfee | Triage

Sharing

General

Target

0ee37ea44c1573723346c13586fcac4c_JaffaCakes118
Size

237KB
Sample

240625-vr7mbsvgll
MD5

0ee37ea44c1573723346c13586fcac4c
SHA1

030bd42c35207837a372cd1f0c13060c5f6a96e3
SHA256

e9114d3a81bb51030cfdd32d36521cf2bf1d698b903412cc72e65788b71ecfee
SHA512

6bfa1a42fa2ec0c76b4efc0fa3086d89007f92576c12e719e55089f6c8c7c602da15355bade47f35b4f073b68d08c814075d9e508018dcbaaa70b3833636ae66
SSDEEP

6144:GmnWnJoOryJibLf69Vcc4gUA2vJCM/aBpURhmVWf0A6Fuwb:5W+GrbE94gH2vJCYRhDf0AA3b

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  0ee37ea44c1573723346c13586fcac4c_JaffaCakes118
- Size
  
  237KB
- MD5
  
  0ee37ea44c1573723346c13586fcac4c
- SHA1
  
  030bd42c35207837a372cd1f0c13060c5f6a96e3
- SHA256
  
  e9114d3a81bb51030cfdd32d36521cf2bf1d698b903412cc72e65788b71ecfee
- SHA512
  
  6bfa1a42fa2ec0c76b4efc0fa3086d89007f92576c12e719e55089f6c8c7c602da15355bade47f35b4f073b68d08c814075d9e508018dcbaaa70b3833636ae66
- SSDEEP
  
  6144:GmnWnJoOryJibLf69Vcc4gUA2vJCM/aBpURhmVWf0A6Fuwb:5W+GrbE94gH2vJCYRhDf0AA3b
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2