87742fa4d67a5d142e77dbeda2cc02bd2a975bf543ea0505045b096a82068c93 | Triage

Sharing

General

Target

3ce1ae2605aa800c205ef63a45ffdbfa_JaffaCakes118
Size

170KB
Sample

240712-lsyalszgna
MD5

3ce1ae2605aa800c205ef63a45ffdbfa
SHA1

8b592b4413cfa168cd704d9943812ffb0b941430
SHA256

87742fa4d67a5d142e77dbeda2cc02bd2a975bf543ea0505045b096a82068c93
SHA512

25cfd395b022f1216eac7735c6dbc973e388a812a7e710296f194a3018cf40abe459b8bfcecfba652de1f73d5312ad556ac4ab5978354a919ccda15953b96cf8
SSDEEP

3072:8OPTvYsKQrML6dVuamswMeONJZFoC3KwHaxcFjgny86g8jXBu:8O7YENdVutswMZF5KwHaxCwy86ZBu

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3ce1ae2605aa800c205ef63a45ffdbfa_JaffaCakes118
- Size
  
  170KB
- MD5
  
  3ce1ae2605aa800c205ef63a45ffdbfa
- SHA1
  
  8b592b4413cfa168cd704d9943812ffb0b941430
- SHA256
  
  87742fa4d67a5d142e77dbeda2cc02bd2a975bf543ea0505045b096a82068c93
- SHA512
  
  25cfd395b022f1216eac7735c6dbc973e388a812a7e710296f194a3018cf40abe459b8bfcecfba652de1f73d5312ad556ac4ab5978354a919ccda15953b96cf8
- SSDEEP
  
  3072:8OPTvYsKQrML6dVuamswMeONJZFoC3KwHaxcFjgny86g8jXBu:8O7YENdVutswMZF5KwHaxCwy86ZBu
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2