f549d0db3ec2e3f14c9c93a81db8bfc6fbb74e4044e8267ab304d41c0885fa1a | Triage

Sharing

General

Target

399c9d33c40dae420ba623798fedd2b9_JaffaCakes118
Size

105KB
Sample

240711-secv3stfke
MD5

399c9d33c40dae420ba623798fedd2b9
SHA1

12e401473410eaed1c9c941431f0c4928110d858
SHA256

f549d0db3ec2e3f14c9c93a81db8bfc6fbb74e4044e8267ab304d41c0885fa1a
SHA512

fb4cb4afb52ea153c7524ad079e0ce657852051d2f14921e0b8337e965142b550ddb9aaa1ef319197028ebf662d832d15bbcc6d06eb8a4d00ef9d36763778cc1
SSDEEP

1536:IlYAtX6OCR8Z69ju4+qZlUYS651zQEPnwv+RbsVHvBScGlpcdBsCrRm:IWAMOCaEduN2UYSm1zQMHbyIYOX

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  399c9d33c40dae420ba623798fedd2b9_JaffaCakes118
- Size
  
  105KB
- MD5
  
  399c9d33c40dae420ba623798fedd2b9
- SHA1
  
  12e401473410eaed1c9c941431f0c4928110d858
- SHA256
  
  f549d0db3ec2e3f14c9c93a81db8bfc6fbb74e4044e8267ab304d41c0885fa1a
- SHA512
  
  fb4cb4afb52ea153c7524ad079e0ce657852051d2f14921e0b8337e965142b550ddb9aaa1ef319197028ebf662d832d15bbcc6d06eb8a4d00ef9d36763778cc1
- SSDEEP
  
  1536:IlYAtX6OCR8Z69ju4+qZlUYS651zQEPnwv+RbsVHvBScGlpcdBsCrRm:IWAMOCaEduN2UYSm1zQMHbyIYOX
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2