80b5945e0a7aad4cb62f65a3013cf1f2e1a53259687fcf74604f3f15aeba033b | Triage

Sharing

General

Target

22c28da0a919974a3d053dc6ad966d17_JaffaCakes118
Size

333KB
Sample

240703-sb2p2athna
MD5

22c28da0a919974a3d053dc6ad966d17
SHA1

8db1edd5a32662a0e427144bc829091dde799eb9
SHA256

80b5945e0a7aad4cb62f65a3013cf1f2e1a53259687fcf74604f3f15aeba033b
SHA512

1762a09ee52238dcbf622a24a60c875e4c88707a22c3cd687d52026d87884850eaeccbab8793487e9e47656924d7cef561a71948c1ddde8b68576e8a207103cd
SSDEEP

6144:G9kFier+3jE5B8f23/BF7hde1d/DmgOQ/GDeucjwVxx:XcoyjE5GfczqDm22L

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  22c28da0a919974a3d053dc6ad966d17_JaffaCakes118
- Size
  
  333KB
- MD5
  
  22c28da0a919974a3d053dc6ad966d17
- SHA1
  
  8db1edd5a32662a0e427144bc829091dde799eb9
- SHA256
  
  80b5945e0a7aad4cb62f65a3013cf1f2e1a53259687fcf74604f3f15aeba033b
- SHA512
  
  1762a09ee52238dcbf622a24a60c875e4c88707a22c3cd687d52026d87884850eaeccbab8793487e9e47656924d7cef561a71948c1ddde8b68576e8a207103cd
- SSDEEP
  
  6144:G9kFier+3jE5B8f23/BF7hde1d/DmgOQ/GDeucjwVxx:XcoyjE5GfczqDm22L
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2