0b510bfa743aa8e4ad4e6383b87e819d19e98ac5fa2d20c64de4d5a2847b5219 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a057db06aa2c04f570d96f0a8d4d04e_JaffaCakes118
Size

329KB
Sample

240719-ce27zaxfjp
MD5

5a057db06aa2c04f570d96f0a8d4d04e
SHA1

aef84df88b7ba8bdae5f367761b5e5e0e429f59e
SHA256

0b510bfa743aa8e4ad4e6383b87e819d19e98ac5fa2d20c64de4d5a2847b5219
SHA512

8a190cda495c045fc006077720f41213ca2fdc45fe734e86a0cde3bed3ab4b9eb7b683e085d4b7b3b51348e88d6350d96d0f62c0a58091c9b7d37a27804c4891
SSDEEP

6144:DYwaU+TjJ16Qy/VeoUKIVflNiLoWtMJ9QJTPPWZYbdL:MwP+PmQEeooiX+J9Q1nWZc

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  5a057db06aa2c04f570d96f0a8d4d04e_JaffaCakes118
- Size
  
  329KB
- MD5
  
  5a057db06aa2c04f570d96f0a8d4d04e
- SHA1
  
  aef84df88b7ba8bdae5f367761b5e5e0e429f59e
- SHA256
  
  0b510bfa743aa8e4ad4e6383b87e819d19e98ac5fa2d20c64de4d5a2847b5219
- SHA512
  
  8a190cda495c045fc006077720f41213ca2fdc45fe734e86a0cde3bed3ab4b9eb7b683e085d4b7b3b51348e88d6350d96d0f62c0a58091c9b7d37a27804c4891
- SSDEEP
  
  6144:DYwaU+TjJ16Qy/VeoUKIVflNiLoWtMJ9QJTPPWZYbdL:MwP+PmQEeooiX+J9Q1nWZc
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2