89d0d21ef961666237d50fb7026618402401e1725576d62722208dfbea105e8a | Triage

Sharing

General

Target

32c5d755969a06e18e758d7c5a2727fa_JaffaCakes118
Size

34KB
Sample

240710-btb4naxhlj
MD5

32c5d755969a06e18e758d7c5a2727fa
SHA1

21249332e93c7c1ceef638c90ce281d78139818b
SHA256

89d0d21ef961666237d50fb7026618402401e1725576d62722208dfbea105e8a
SHA512

25dbb77e386163e75c197421639bcaf4aa5e40bbdc8e0ffc72d3351773ad98153561a3a0e45a103d705816c514ac2d102cf26393a5fc00062b6819f2a4d6ab54
SSDEEP

768:lziKS9wcQTBLy/fOjMlFTJue9XxkoS52HA:lziKaU8/6o3JxOk

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  32c5d755969a06e18e758d7c5a2727fa_JaffaCakes118
- Size
  
  34KB
- MD5
  
  32c5d755969a06e18e758d7c5a2727fa
- SHA1
  
  21249332e93c7c1ceef638c90ce281d78139818b
- SHA256
  
  89d0d21ef961666237d50fb7026618402401e1725576d62722208dfbea105e8a
- SHA512
  
  25dbb77e386163e75c197421639bcaf4aa5e40bbdc8e0ffc72d3351773ad98153561a3a0e45a103d705816c514ac2d102cf26393a5fc00062b6819f2a4d6ab54
- SSDEEP
  
  768:lziKS9wcQTBLy/fOjMlFTJue9XxkoS52HA:lziKaU8/6o3JxOk
Score

7^/10

persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2