2659998a6463114ff9c74f722d21d95183cdd22c1b19ee833cf22c5816207703 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d889331ea086dadea368812d7d63036_JaffaCakes118
Size

373KB
Sample

240708-x34qxsvcnq
MD5

2d889331ea086dadea368812d7d63036
SHA1

ab722a2b7a508b0544e85fbb07f03f48144e3d17
SHA256

2659998a6463114ff9c74f722d21d95183cdd22c1b19ee833cf22c5816207703
SHA512

30df4e72b04b663275a529732eb7927b283d8cf198295fcc9ffdeacbe73d06bd19025464e9f52aefac13f3832c24ec03e39d2585106d4a6fdc076f76ce599fef
SSDEEP

6144:wAXnq5hWSr3cPkLCWp+kxLaazQ/rJ6aQ/UR2ERT2ElYRktprr50A:wA65h7r3cPkLXp+k5bzQ/V6a/w4eur7

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  2d889331ea086dadea368812d7d63036_JaffaCakes118
- Size
  
  373KB
- MD5
  
  2d889331ea086dadea368812d7d63036
- SHA1
  
  ab722a2b7a508b0544e85fbb07f03f48144e3d17
- SHA256
  
  2659998a6463114ff9c74f722d21d95183cdd22c1b19ee833cf22c5816207703
- SHA512
  
  30df4e72b04b663275a529732eb7927b283d8cf198295fcc9ffdeacbe73d06bd19025464e9f52aefac13f3832c24ec03e39d2585106d4a6fdc076f76ce599fef
- SSDEEP
  
  6144:wAXnq5hWSr3cPkLCWp+kxLaazQ/rJ6aQ/UR2ERT2ElYRktprr50A:wA65h7r3cPkLXp+k5bzQ/V6a/w4eur7
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2