0f06690f2a3c5c254608dae656094ff6ff9874b64951db331e6f32a7f88fd0cc | Triage

Sharing

General

Target

32ec9e3b0d8a1b8ebe90010b0198b9b4_JaffaCakes118
Size

329KB
Sample

240710-cmx8zs1ann
MD5

32ec9e3b0d8a1b8ebe90010b0198b9b4
SHA1

930370a0cbc7ffd83c20b72d707e223c6f9b8248
SHA256

0f06690f2a3c5c254608dae656094ff6ff9874b64951db331e6f32a7f88fd0cc
SHA512

f824f7e136b5217158cbdea5b176a4dcea9405c7d7501145a455e6320ba014997864aed52288b7f14c28ade7f39eb688734c9852661b37a38b0e603808f181db
SSDEEP

6144:rtEn7FUg1iyUXe2ZsD9eBVtQRlc12iVkIFza9TLSDoC3FHvKHMCnv:ra7Fziym920jcc1f929XS335vHk

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  32ec9e3b0d8a1b8ebe90010b0198b9b4_JaffaCakes118
- Size
  
  329KB
- MD5
  
  32ec9e3b0d8a1b8ebe90010b0198b9b4
- SHA1
  
  930370a0cbc7ffd83c20b72d707e223c6f9b8248
- SHA256
  
  0f06690f2a3c5c254608dae656094ff6ff9874b64951db331e6f32a7f88fd0cc
- SHA512
  
  f824f7e136b5217158cbdea5b176a4dcea9405c7d7501145a455e6320ba014997864aed52288b7f14c28ade7f39eb688734c9852661b37a38b0e603808f181db
- SSDEEP
  
  6144:rtEn7FUg1iyUXe2ZsD9eBVtQRlc12iVkIFza9TLSDoC3FHvKHMCnv:ra7Fziym920jcc1f929XS335vHk
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2