79c21c18aa7d6070e79b51ac91c3b9fae5c373980ac1ef784343e3f45d0ebaae | Triage

Sharing

General

Target

342bb012cd13db3227b6d525a63850de_JaffaCakes118
Size

305KB
Sample

240710-ljwqeszekq
MD5

342bb012cd13db3227b6d525a63850de
SHA1

9997bbfc197aeb471ad5cb0932a26cb495cd5e35
SHA256

79c21c18aa7d6070e79b51ac91c3b9fae5c373980ac1ef784343e3f45d0ebaae
SHA512

3ef5fb6430cc3a9b36db107b572842f1287bf6a8a53a39b6bdda864cb4710f9cd2fd1fdc4303bbaf0c12cdb3aee864b2660f7a587cc0d325cdc4c8fc8bca609d
SSDEEP

6144:5GSzaT72Y0SUzinYKTY1SQshfRPVQe1MZkIYSccr7wbstOSPECYeixlYGicW:5Gqu7SSHYsY1UMqMZJYSN7wbstOS8fvg

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  342bb012cd13db3227b6d525a63850de_JaffaCakes118
- Size
  
  305KB
- MD5
  
  342bb012cd13db3227b6d525a63850de
- SHA1
  
  9997bbfc197aeb471ad5cb0932a26cb495cd5e35
- SHA256
  
  79c21c18aa7d6070e79b51ac91c3b9fae5c373980ac1ef784343e3f45d0ebaae
- SHA512
  
  3ef5fb6430cc3a9b36db107b572842f1287bf6a8a53a39b6bdda864cb4710f9cd2fd1fdc4303bbaf0c12cdb3aee864b2660f7a587cc0d325cdc4c8fc8bca609d
- SSDEEP
  
  6144:5GSzaT72Y0SUzinYKTY1SQshfRPVQe1MZkIYSccr7wbstOSPECYeixlYGicW:5Gqu7SSHYsY1UMqMZJYSN7wbstOS8fvg
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2