dec354b9d61a002be5ce9082e5bef3d5e152149cbf84221bfb769f7c2edc1de3 | Triage

Sharing

General

Target

3919abd70a2663821b085583920cad54_JaffaCakes118
Size

155KB
Sample

240711-pk7qvswdjp
MD5

3919abd70a2663821b085583920cad54
SHA1

1c22e5354cfa148ec81735629de5ddd44828a090
SHA256

dec354b9d61a002be5ce9082e5bef3d5e152149cbf84221bfb769f7c2edc1de3
SHA512

ea7c16202cd624921b7857ace9d9f6f7e47e0af87aef9e4e7bebb218d7516cec6142d3fbfae06fb59a46d0a3a147431cac8d2d6bfb9a9be8aeba3e467013a634
SSDEEP

3072:YkEGY978Q+m4H1FtAOwfXzIgsS7FwxmjSdn8DgysYVIWhvAEPAECaScz:/K58z7TCOwbd7wmjGYGqJzz

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  3919abd70a2663821b085583920cad54_JaffaCakes118
- Size
  
  155KB
- MD5
  
  3919abd70a2663821b085583920cad54
- SHA1
  
  1c22e5354cfa148ec81735629de5ddd44828a090
- SHA256
  
  dec354b9d61a002be5ce9082e5bef3d5e152149cbf84221bfb769f7c2edc1de3
- SHA512
  
  ea7c16202cd624921b7857ace9d9f6f7e47e0af87aef9e4e7bebb218d7516cec6142d3fbfae06fb59a46d0a3a147431cac8d2d6bfb9a9be8aeba3e467013a634
- SSDEEP
  
  3072:YkEGY978Q+m4H1FtAOwfXzIgsS7FwxmjSdn8DgysYVIWhvAEPAECaScz:/K58z7TCOwbd7wmjGYGqJzz
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2