c0e62d0e247b637d1dbcc6b7fdcfa4296661d280bc5e24efdd2090cf28c00968 | Triage

Sharing

General

Target

6030c57030c4a19aa7a8c63554b646f5_JaffaCakes118
Size

345KB
Sample

240720-165n6szaqj
MD5

6030c57030c4a19aa7a8c63554b646f5
SHA1

f73cd312d485d7151bd2fe8375b7a1175cb753f3
SHA256

c0e62d0e247b637d1dbcc6b7fdcfa4296661d280bc5e24efdd2090cf28c00968
SHA512

19fd0e6abf9bc6234c50d876f3029e454327835080472854d30416ea5d07654fffa225b3aa5b2d6b33376cc88e65fa490bf37ec246ad81e13c55eb25d1438f7e
SSDEEP

6144:xzQMftXypxvyYe1FQ3GSMB5CX+2PhIUFasqoEjaik7w7J:Lftix+7CXnDFzk2ik7w7J

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  6030c57030c4a19aa7a8c63554b646f5_JaffaCakes118
- Size
  
  345KB
- MD5
  
  6030c57030c4a19aa7a8c63554b646f5
- SHA1
  
  f73cd312d485d7151bd2fe8375b7a1175cb753f3
- SHA256
  
  c0e62d0e247b637d1dbcc6b7fdcfa4296661d280bc5e24efdd2090cf28c00968
- SHA512
  
  19fd0e6abf9bc6234c50d876f3029e454327835080472854d30416ea5d07654fffa225b3aa5b2d6b33376cc88e65fa490bf37ec246ad81e13c55eb25d1438f7e
- SSDEEP
  
  6144:xzQMftXypxvyYe1FQ3GSMB5CX+2PhIUFasqoEjaik7w7J:Lftix+7CXnDFzk2ik7w7J
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2