db34177e41e2507aaf4af20d7c770f992e9747d14ecd2ef441b94a051a3be804 | Triage

Sharing

General

Target

2725a576a0776c900e67b6e88ffe5f15_JaffaCakes118
Size

56KB
Sample

240705-1l7m2awgmp
MD5

2725a576a0776c900e67b6e88ffe5f15
SHA1

555b19207ee93a6fd3d23899ebee5da557b3c449
SHA256

db34177e41e2507aaf4af20d7c770f992e9747d14ecd2ef441b94a051a3be804
SHA512

c66d5d7c7c0e9b8879bc317060ef29f5c4d43ccd7094188e66743f610256718c0d2e5eee76e2e6cbc6e2ce7d5c4e5cbda0dd2a616b702580c94f91d5bccdaa5b
SSDEEP

768:v6C45EC6O5EnWHhLS0ikw/F6TckEt6bzGOj/gW:xfoCMudkwYmt6/rg

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  2725a576a0776c900e67b6e88ffe5f15_JaffaCakes118
- Size
  
  56KB
- MD5
  
  2725a576a0776c900e67b6e88ffe5f15
- SHA1
  
  555b19207ee93a6fd3d23899ebee5da557b3c449
- SHA256
  
  db34177e41e2507aaf4af20d7c770f992e9747d14ecd2ef441b94a051a3be804
- SHA512
  
  c66d5d7c7c0e9b8879bc317060ef29f5c4d43ccd7094188e66743f610256718c0d2e5eee76e2e6cbc6e2ce7d5c4e5cbda0dd2a616b702580c94f91d5bccdaa5b
- SSDEEP
  
  768:v6C45EC6O5EnWHhLS0ikw/F6TckEt6bzGOj/gW:xfoCMudkwYmt6/rg
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2