3191fd056adc16715bea757a4c7050bc25f032cfc699eb06be768713d867a7e6 | Triage

Sharing

General

Target

2f470cbeacd0e24f1f484ae61da88919_JaffaCakes118
Size

47KB
Sample

240709-g3hwfssdne
MD5

2f470cbeacd0e24f1f484ae61da88919
SHA1

090e62fddb7a56f6af6536c64a18dbbdd5aa6f06
SHA256

3191fd056adc16715bea757a4c7050bc25f032cfc699eb06be768713d867a7e6
SHA512

bf8a30defee0181a6c293f84d6e41ba8e278e5041727cede33d48ea53a5498bba22c444679d9ab2c31de7eec6169e5a0d0c5b978ff73293a06a71593be7e2d29
SSDEEP

768:QEy3/0+MF+pyXTtMTQiBtVxHPr5bRftmYIZ4n45J+OOqVhRTlazUR:Q13/KgpGtGQ4DHPrlRFaG45J+EhRhN

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  2f470cbeacd0e24f1f484ae61da88919_JaffaCakes118
- Size
  
  47KB
- MD5
  
  2f470cbeacd0e24f1f484ae61da88919
- SHA1
  
  090e62fddb7a56f6af6536c64a18dbbdd5aa6f06
- SHA256
  
  3191fd056adc16715bea757a4c7050bc25f032cfc699eb06be768713d867a7e6
- SHA512
  
  bf8a30defee0181a6c293f84d6e41ba8e278e5041727cede33d48ea53a5498bba22c444679d9ab2c31de7eec6169e5a0d0c5b978ff73293a06a71593be7e2d29
- SSDEEP
  
  768:QEy3/0+MF+pyXTtMTQiBtVxHPr5bRftmYIZ4n45J+OOqVhRTlazUR:Q13/KgpGtGQ4DHPrlRFaG45J+EhRhN
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2