9c292ce0fc407dee73023181004347251a8146135ef87762541f7889cb5e2a94 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36c63316c8c447d5cb25191a808b05b9_JaffaCakes118
Size

166KB
Sample

240710-24381axfjd
MD5

36c63316c8c447d5cb25191a808b05b9
SHA1

bac7b159de57c37ee32dc575f51aa405af3c5589
SHA256

9c292ce0fc407dee73023181004347251a8146135ef87762541f7889cb5e2a94
SHA512

31355db0a708cd23d3e6fb0aac5c8cfb29eeeda85acf2e75e79edd26133b8d160a6b30be7e4e877e25273dd523d2276491615e92f248224c1ea1dfd685b79d06
SSDEEP

3072:dGb6iRWp6lM5bfSwJFtVkOgdUOTzYCoiijuef25Q3Sw3J2O3bMolJC:dGbdRW4+5bHuOgUOTzY9525QCu3b

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  36c63316c8c447d5cb25191a808b05b9_JaffaCakes118
- Size
  
  166KB
- MD5
  
  36c63316c8c447d5cb25191a808b05b9
- SHA1
  
  bac7b159de57c37ee32dc575f51aa405af3c5589
- SHA256
  
  9c292ce0fc407dee73023181004347251a8146135ef87762541f7889cb5e2a94
- SHA512
  
  31355db0a708cd23d3e6fb0aac5c8cfb29eeeda85acf2e75e79edd26133b8d160a6b30be7e4e877e25273dd523d2276491615e92f248224c1ea1dfd685b79d06
- SSDEEP
  
  3072:dGb6iRWp6lM5bfSwJFtVkOgdUOTzYCoiijuef25Q3Sw3J2O3bMolJC:dGbdRW4+5bHuOgUOTzY9525QCu3b
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2