5ccab483be6002da6753476ce92e9053938bccb5a8034ed7bb6bef83bbd02fbb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

606d1d7ffd09e9c259eab7704c374556_JaffaCakes118
Size

89KB
Sample

240720-3hyl3ascpn
MD5

606d1d7ffd09e9c259eab7704c374556
SHA1

1b520e062fd3c284e8c20fadfda4ba41fbb16708
SHA256

5ccab483be6002da6753476ce92e9053938bccb5a8034ed7bb6bef83bbd02fbb
SHA512

8966eafc948db94496ec510dbd39d443f34d37ff06b351cbe739c8414c6fc1d47bd8ba683763d05b58ce1f460747818f10188a310501faa63e795e9ae693e226
SSDEEP

1536:dXrkHpYNdGI0n2lMDgw/6uPoOcWBpT0DMYw3TZm1SD7B/Jf:xmY7GI0n2lMDlzwOc4R0DbcTM1U1N

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  606d1d7ffd09e9c259eab7704c374556_JaffaCakes118
- Size
  
  89KB
- MD5
  
  606d1d7ffd09e9c259eab7704c374556
- SHA1
  
  1b520e062fd3c284e8c20fadfda4ba41fbb16708
- SHA256
  
  5ccab483be6002da6753476ce92e9053938bccb5a8034ed7bb6bef83bbd02fbb
- SHA512
  
  8966eafc948db94496ec510dbd39d443f34d37ff06b351cbe739c8414c6fc1d47bd8ba683763d05b58ce1f460747818f10188a310501faa63e795e9ae693e226
- SSDEEP
  
  1536:dXrkHpYNdGI0n2lMDgw/6uPoOcWBpT0DMYw3TZm1SD7B/Jf:xmY7GI0n2lMDlzwOc4R0DbcTM1U1N
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2