f3070509254ff629966d53a1d8a277311b17b7ded7219d25eb5932f5938cbd8a | Triage

Sharing

General

Target

2545c3041f9a3896f657eabb8a169d4f_JaffaCakes118
Size

116KB
Sample

240704-kb854ssdkm
MD5

2545c3041f9a3896f657eabb8a169d4f
SHA1

27827bfb4faaea07194988f57d2907aa520cd60f
SHA256

f3070509254ff629966d53a1d8a277311b17b7ded7219d25eb5932f5938cbd8a
SHA512

aef83cfdbeefec91a926b37c3d21e84e471b70bb9046d9b426d235d88cc607a4b25c55763873f6df6a5b3b91aa15a227ff29102aee3d4ac4f63afede53072e4a
SSDEEP

1536:ss+jhi0Ckg2QtJoIvM4EXf5uEp54yhFeK0JJmlhU8KKbDHZyRFOJMeiO0mUQA+jG:xim2QtJoaUFP4Jj8DX0RFOXdTm+Ot

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  2545c3041f9a3896f657eabb8a169d4f_JaffaCakes118
- Size
  
  116KB
- MD5
  
  2545c3041f9a3896f657eabb8a169d4f
- SHA1
  
  27827bfb4faaea07194988f57d2907aa520cd60f
- SHA256
  
  f3070509254ff629966d53a1d8a277311b17b7ded7219d25eb5932f5938cbd8a
- SHA512
  
  aef83cfdbeefec91a926b37c3d21e84e471b70bb9046d9b426d235d88cc607a4b25c55763873f6df6a5b3b91aa15a227ff29102aee3d4ac4f63afede53072e4a
- SSDEEP
  
  1536:ss+jhi0Ckg2QtJoIvM4EXf5uEp54yhFeK0JJmlhU8KKbDHZyRFOJMeiO0mUQA+jG:xim2QtJoaUFP4Jj8DX0RFOXdTm+Ot
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2