cdbd0a230230f2476b37f28c9696ed136354fd503016a316ec624a2cfb5712bc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

346c4734c19e3025829588a892327833_JaffaCakes118
Size

288KB
Sample

240710-my85qswaqc
MD5

346c4734c19e3025829588a892327833
SHA1

e5f60082ba7304abbee46f56740a931186f3932c
SHA256

cdbd0a230230f2476b37f28c9696ed136354fd503016a316ec624a2cfb5712bc
SHA512

70431cee903aeb0deb7bc4db38d04f5ca63877d3519b59223f41729a32c1b920fcae6b48fbb3851db0f4aaa339f3fa5029ecd8443734797c044f32759ae3f5a9
SSDEEP

6144:HKjBzsuDVxMG3lyUqqLSwAohoRacwu5z469o0vZXbWsl7LR:eNsGV5z9A3REh0l/l7t

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  346c4734c19e3025829588a892327833_JaffaCakes118
- Size
  
  288KB
- MD5
  
  346c4734c19e3025829588a892327833
- SHA1
  
  e5f60082ba7304abbee46f56740a931186f3932c
- SHA256
  
  cdbd0a230230f2476b37f28c9696ed136354fd503016a316ec624a2cfb5712bc
- SHA512
  
  70431cee903aeb0deb7bc4db38d04f5ca63877d3519b59223f41729a32c1b920fcae6b48fbb3851db0f4aaa339f3fa5029ecd8443734797c044f32759ae3f5a9
- SSDEEP
  
  6144:HKjBzsuDVxMG3lyUqqLSwAohoRacwu5z469o0vZXbWsl7LR:eNsGV5z9A3REh0l/l7t
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2