dab5d49baf62b43b7f95df3f0e0070a42975f0239fc3e2e2da161b00540927c6 | Triage

Sharing

General

Target

283f49e1e7af1107ce1fdb3e62815026_JaffaCakes118
Size

327KB
Sample

240706-mn8q8ayfpb
MD5

283f49e1e7af1107ce1fdb3e62815026
SHA1

530230d0caede75419be075691a37b3295a6b9ae
SHA256

dab5d49baf62b43b7f95df3f0e0070a42975f0239fc3e2e2da161b00540927c6
SHA512

7558ae9bc436d8775c7610d96670eb6854771b51a120d5d472ba2bc5daeb4cba2361c50ae3c674e3e51dbeea3c1d1678dfb69a879c103b97dce6aa24e8926e31
SSDEEP

6144:AdHFCf9vsBqU8cCK6Taz6u/eHu+QqKTSs6Nj81YFrec:QFTBqU806OzMdaSsKFT

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  283f49e1e7af1107ce1fdb3e62815026_JaffaCakes118
- Size
  
  327KB
- MD5
  
  283f49e1e7af1107ce1fdb3e62815026
- SHA1
  
  530230d0caede75419be075691a37b3295a6b9ae
- SHA256
  
  dab5d49baf62b43b7f95df3f0e0070a42975f0239fc3e2e2da161b00540927c6
- SHA512
  
  7558ae9bc436d8775c7610d96670eb6854771b51a120d5d472ba2bc5daeb4cba2361c50ae3c674e3e51dbeea3c1d1678dfb69a879c103b97dce6aa24e8926e31
- SSDEEP
  
  6144:AdHFCf9vsBqU8cCK6Taz6u/eHu+QqKTSs6Nj81YFrec:QFTBqU806OzMdaSsKFT
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2