b35693cc33425fd215c0ccb37102525976cab2701a90dfd8b68a707aa220e1b8 | Triage

Sharing

General

Target

342321b1065f87917827380efe8ad094_JaffaCakes118
Size

303KB
Sample

240710-lcylfa1hlc
MD5

342321b1065f87917827380efe8ad094
SHA1

43fc49d5741cad3c614babb0ef705906435dfdd9
SHA256

b35693cc33425fd215c0ccb37102525976cab2701a90dfd8b68a707aa220e1b8
SHA512

1d3fef881e215090de8f47c5a6acfee197ce832d9e3bf642f97157f39c98b2c2860fe92fe7f161bcdb5f9ecd6b563d0a5b6e2566ac34aea2258b3765a6d142b5
SSDEEP

6144:7aFbxM0wB442mNFzpKbkYAs/Cnem80uZd:7N/lpzssB8Rd

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  342321b1065f87917827380efe8ad094_JaffaCakes118
- Size
  
  303KB
- MD5
  
  342321b1065f87917827380efe8ad094
- SHA1
  
  43fc49d5741cad3c614babb0ef705906435dfdd9
- SHA256
  
  b35693cc33425fd215c0ccb37102525976cab2701a90dfd8b68a707aa220e1b8
- SHA512
  
  1d3fef881e215090de8f47c5a6acfee197ce832d9e3bf642f97157f39c98b2c2860fe92fe7f161bcdb5f9ecd6b563d0a5b6e2566ac34aea2258b3765a6d142b5
- SSDEEP
  
  6144:7aFbxM0wB442mNFzpKbkYAs/Cnem80uZd:7N/lpzssB8Rd
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2