b3dcd404cce492dae777a25032f03a7cf854e5363f6bbda0a1dce67996403fd9 | Triage

Sharing

General

Target

3c2781dd8949a058ec528f814c2d7d3d_JaffaCakes118
Size

294KB
Sample

240712-f8k3bssgmg
MD5

3c2781dd8949a058ec528f814c2d7d3d
SHA1

4d23d235d5b23b665f8a27002dca285a2eb6b86f
SHA256

b3dcd404cce492dae777a25032f03a7cf854e5363f6bbda0a1dce67996403fd9
SHA512

abf925f2e65873ad6f2645bc7fd2c076fe38f64195da47585421833fce87a3b420156e61dbe438edc69ff424012e11cffc9c7055ea4e7ecda3fcf15a34930fe3
SSDEEP

6144:AZIRo4dsnj6/y47qBRKQ+9q6HPtNygzG9zrlW1bTqlh/C:AqKUsnDBR1+9q6vmg0zr0pTqlh/C

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3c2781dd8949a058ec528f814c2d7d3d_JaffaCakes118
- Size
  
  294KB
- MD5
  
  3c2781dd8949a058ec528f814c2d7d3d
- SHA1
  
  4d23d235d5b23b665f8a27002dca285a2eb6b86f
- SHA256
  
  b3dcd404cce492dae777a25032f03a7cf854e5363f6bbda0a1dce67996403fd9
- SHA512
  
  abf925f2e65873ad6f2645bc7fd2c076fe38f64195da47585421833fce87a3b420156e61dbe438edc69ff424012e11cffc9c7055ea4e7ecda3fcf15a34930fe3
- SSDEEP
  
  6144:AZIRo4dsnj6/y47qBRKQ+9q6HPtNygzG9zrlW1bTqlh/C:AqKUsnDBR1+9q6vmg0zr0pTqlh/C
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2