cff7d4680495922e463ad6d2959179043ad882ac946bdc27026d28c95384bb4b | Triage

Sharing

General

Target

48df49a7dbe5cc7a153633133a8fc9d6_JaffaCakes118
Size

250KB
Sample

240715-jpdexswbkn
MD5

48df49a7dbe5cc7a153633133a8fc9d6
SHA1

4dadf4d92648521067925f02d3e071b3fe3bbc04
SHA256

cff7d4680495922e463ad6d2959179043ad882ac946bdc27026d28c95384bb4b
SHA512

3f7a0680ef43584464394419cb4dc21a90f09357d86c1de8f134afeb564d6ef1297a5b087af51a55783d3b196547ba4ce5230a1bf28e74ede45d025f1fa144cf
SSDEEP

6144:NoxDTbg1+6B3mq4GeUaHDDwGNzDOSK/FUuQk8E2qk:GDTbg1XXeUejxiJ/m/kz

Score

7^/10

persistence upx

Malware Config

Targets

- Target
  
  48df49a7dbe5cc7a153633133a8fc9d6_JaffaCakes118
- Size
  
  250KB
- MD5
  
  48df49a7dbe5cc7a153633133a8fc9d6
- SHA1
  
  4dadf4d92648521067925f02d3e071b3fe3bbc04
- SHA256
  
  cff7d4680495922e463ad6d2959179043ad882ac946bdc27026d28c95384bb4b
- SHA512
  
  3f7a0680ef43584464394419cb4dc21a90f09357d86c1de8f134afeb564d6ef1297a5b087af51a55783d3b196547ba4ce5230a1bf28e74ede45d025f1fa144cf
- SSDEEP
  
  6144:NoxDTbg1+6B3mq4GeUaHDDwGNzDOSK/FUuQk8E2qk:GDTbg1XXeUejxiJ/m/kz
Score

7^/10

persistence upx
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2