d0dd28d5aa7ae5f8d62cc9e60231d5978b1c3c8e92b9bf9a468798df4b3090f0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2bdaf96e2fb7a595de5e33b5fe3f5184_JaffaCakes118
Size

120KB
Sample

240708-ln5h5avhnd
MD5

2bdaf96e2fb7a595de5e33b5fe3f5184
SHA1

cd96dc3f50dc196e63307365e40c94d0ce085929
SHA256

d0dd28d5aa7ae5f8d62cc9e60231d5978b1c3c8e92b9bf9a468798df4b3090f0
SHA512

638cf07d67249dde2d7ab5e64c17290e47fa196cd1ab2b8792e3b0db036928b76d0dbb58821beeb2cbef49322a73d9d65b65314a6f316b3c6195cbcdd10fd061
SSDEEP

3072:Z/uDwf9se/JUkxRWySst8CojxrdQU9so:Z/usfOCuQROstGxrdV9

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2bdaf96e2fb7a595de5e33b5fe3f5184_JaffaCakes118
- Size
  
  120KB
- MD5
  
  2bdaf96e2fb7a595de5e33b5fe3f5184
- SHA1
  
  cd96dc3f50dc196e63307365e40c94d0ce085929
- SHA256
  
  d0dd28d5aa7ae5f8d62cc9e60231d5978b1c3c8e92b9bf9a468798df4b3090f0
- SHA512
  
  638cf07d67249dde2d7ab5e64c17290e47fa196cd1ab2b8792e3b0db036928b76d0dbb58821beeb2cbef49322a73d9d65b65314a6f316b3c6195cbcdd10fd061
- SSDEEP
  
  3072:Z/uDwf9se/JUkxRWySst8CojxrdQU9so:Z/usfOCuQROstGxrdV9
Score

8^/10

persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2