ce335fada35ad3baff8f949130352a09854f73d636d841715c7c09fc66cbca64 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b39cda640513d3b615ab8d912c6ce31_JaffaCakes118
Size

279KB
Sample

240701-n7n2laterk
MD5

1b39cda640513d3b615ab8d912c6ce31
SHA1

bf8629e8088682512e8bd645f5bc6b65244ab9df
SHA256

ce335fada35ad3baff8f949130352a09854f73d636d841715c7c09fc66cbca64
SHA512

a48c89105750fe1faf0e8928396d6c72335eeb0b993fd4e2185af1ebb5324aab39881c4cefe609337a012a1e78d4489169e9cd1378c33b8754d214d44ec5b7fe
SSDEEP

6144:3Yk7RnxF3BEuTP0PvdA8r1eaABpxEJPlLsiJEwpCukSm4krOwM:3Yex0uT8Hq6eaABvuPl5vRkfM

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  1b39cda640513d3b615ab8d912c6ce31_JaffaCakes118
- Size
  
  279KB
- MD5
  
  1b39cda640513d3b615ab8d912c6ce31
- SHA1
  
  bf8629e8088682512e8bd645f5bc6b65244ab9df
- SHA256
  
  ce335fada35ad3baff8f949130352a09854f73d636d841715c7c09fc66cbca64
- SHA512
  
  a48c89105750fe1faf0e8928396d6c72335eeb0b993fd4e2185af1ebb5324aab39881c4cefe609337a012a1e78d4489169e9cd1378c33b8754d214d44ec5b7fe
- SSDEEP
  
  6144:3Yk7RnxF3BEuTP0PvdA8r1eaABpxEJPlLsiJEwpCukSm4krOwM:3Yex0uT8Hq6eaABvuPl5vRkfM
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2