8db5a86332804147a35e5d85ec031ac8fbc30ee89717760ec679b68c3e49d3e7 | Triage

Sharing

General

Target

3feb9c70e7501528c9105ae52600ca6e_JaffaCakes118
Size

1.1MB
Sample

240713-dfphyavfmd
MD5

3feb9c70e7501528c9105ae52600ca6e
SHA1

fc3474a47db2508917e7c54b07fdf69774143e27
SHA256

8db5a86332804147a35e5d85ec031ac8fbc30ee89717760ec679b68c3e49d3e7
SHA512

dd7038b5a5ce1f5a7c8770d45441174fde453ac56ef1e65e008e8f486ebf190b0263bcf671849c6efcd5159966366178e4bd5c7247aa4a1cf7e41bc1010db723
SSDEEP

1536:QAy9deTrtGy99gTdCvc632Fgxd6EuHnq5gjtiYfxy9j+9pwTwviFQh:hy9dRU9uCl6Eu2gj4Wxy9j+9p7viFQ

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3feb9c70e7501528c9105ae52600ca6e_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  3feb9c70e7501528c9105ae52600ca6e
- SHA1
  
  fc3474a47db2508917e7c54b07fdf69774143e27
- SHA256
  
  8db5a86332804147a35e5d85ec031ac8fbc30ee89717760ec679b68c3e49d3e7
- SHA512
  
  dd7038b5a5ce1f5a7c8770d45441174fde453ac56ef1e65e008e8f486ebf190b0263bcf671849c6efcd5159966366178e4bd5c7247aa4a1cf7e41bc1010db723
- SSDEEP
  
  1536:QAy9deTrtGy99gTdCvc632Fgxd6EuHnq5gjtiYfxy9j+9pwTwviFQh:hy9dRU9uCl6Eu2gj4Wxy9j+9p7viFQ
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2