ab5dfce4d14ddd7c4a93a9ba851f9fe6d5d47b1070eacadf69ad55170153b658 | Triage

Sharing

General

Target

2a6aebf527d016997988421865d4f744_JaffaCakes118
Size

360KB
Sample

240708-ba2vzavbqn
MD5

2a6aebf527d016997988421865d4f744
SHA1

dc948d470755d23fd86ca29312df6655c424a831
SHA256

ab5dfce4d14ddd7c4a93a9ba851f9fe6d5d47b1070eacadf69ad55170153b658
SHA512

d99f0e684acad36b5b39f312875a71ca8fa09024fc8d5c2d9fcb03991091af6747026e6bd2ced454216b2b74d48631f407e92d6696a441dd16e91ff882eadb54
SSDEEP

6144:zsQzHOsbEnGSwyX3PnhLatx/sU01rkS6OG6KV:z/zu2EnG8X/nGG4AGdV

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  2a6aebf527d016997988421865d4f744_JaffaCakes118
- Size
  
  360KB
- MD5
  
  2a6aebf527d016997988421865d4f744
- SHA1
  
  dc948d470755d23fd86ca29312df6655c424a831
- SHA256
  
  ab5dfce4d14ddd7c4a93a9ba851f9fe6d5d47b1070eacadf69ad55170153b658
- SHA512
  
  d99f0e684acad36b5b39f312875a71ca8fa09024fc8d5c2d9fcb03991091af6747026e6bd2ced454216b2b74d48631f407e92d6696a441dd16e91ff882eadb54
- SSDEEP
  
  6144:zsQzHOsbEnGSwyX3PnhLatx/sU01rkS6OG6KV:z/zu2EnG8X/nGG4AGdV
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2