5fb47ede722d3b0d2333eb30fa25a68389bc7cd8c041a0489b85506b7359ccea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ab562c1d95192525c18e7cf0dc3c522_JaffaCakes118
Size

138KB
Sample

240719-gkgknsvhkl
MD5

5ab562c1d95192525c18e7cf0dc3c522
SHA1

803d58fdecfe63866f12531737f27efba2347148
SHA256

5fb47ede722d3b0d2333eb30fa25a68389bc7cd8c041a0489b85506b7359ccea
SHA512

8080662468af2fd43b5b8396f1799ed2debcb3de1525a359600ce86b4e1d5161700a0f7fe7933e87d48c4d77703d199245850a2f6353301f4bc23bd866be4616
SSDEEP

1536:EWwYNqaEbCTKKNKy8rosGfO0cBIlCTnl0iIQajXAVH97qVewDzYqcR3Qq3ogeuu2:EPaQCTabgY216SJzxGO80M

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  5ab562c1d95192525c18e7cf0dc3c522_JaffaCakes118
- Size
  
  138KB
- MD5
  
  5ab562c1d95192525c18e7cf0dc3c522
- SHA1
  
  803d58fdecfe63866f12531737f27efba2347148
- SHA256
  
  5fb47ede722d3b0d2333eb30fa25a68389bc7cd8c041a0489b85506b7359ccea
- SHA512
  
  8080662468af2fd43b5b8396f1799ed2debcb3de1525a359600ce86b4e1d5161700a0f7fe7933e87d48c4d77703d199245850a2f6353301f4bc23bd866be4616
- SSDEEP
  
  1536:EWwYNqaEbCTKKNKy8rosGfO0cBIlCTnl0iIQajXAVH97qVewDzYqcR3Qq3ogeuu2:EPaQCTabgY216SJzxGO80M
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2