cdb05a1dcc2581da7ca3edead71e3201cbd44dfdc97f6ebfeb874b378862300d | Triage

Sharing

General

Target

3165511485d965679a4cac8ec6bcb0ad_JaffaCakes118
Size

358KB
Sample

240709-wkpcvaydkh
MD5

3165511485d965679a4cac8ec6bcb0ad
SHA1

c5ceded7502bcaac99c283fea51fa5208c72a589
SHA256

cdb05a1dcc2581da7ca3edead71e3201cbd44dfdc97f6ebfeb874b378862300d
SHA512

7dc293bf4f42cd58e6fc1fc301316edd72fb55b59ecf3c6781579e50f833adda7335ded54aff2d4686325e883319a61565ed28e1e8fce26e3d6ae7be0c0729f3
SSDEEP

6144:xDnzwMPKotBWuFq/440OQ6iQHWSRpjvpyoWlRlDqDjl4AFyO7Q379VulTweZZa7:aEPBW5/4L6ifSRPFWlRl2t4AyiQjA8eg

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3165511485d965679a4cac8ec6bcb0ad_JaffaCakes118
- Size
  
  358KB
- MD5
  
  3165511485d965679a4cac8ec6bcb0ad
- SHA1
  
  c5ceded7502bcaac99c283fea51fa5208c72a589
- SHA256
  
  cdb05a1dcc2581da7ca3edead71e3201cbd44dfdc97f6ebfeb874b378862300d
- SHA512
  
  7dc293bf4f42cd58e6fc1fc301316edd72fb55b59ecf3c6781579e50f833adda7335ded54aff2d4686325e883319a61565ed28e1e8fce26e3d6ae7be0c0729f3
- SSDEEP
  
  6144:xDnzwMPKotBWuFq/440OQ6iQHWSRpjvpyoWlRlDqDjl4AFyO7Q379VulTweZZa7:aEPBW5/4L6ifSRPFWlRl2t4AyiQjA8eg
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2