82e1f0ecb3067c541e093db87ccb6593eef9c87602ea0c34202c6c77f2efb124 | Triage

Sharing

General

Target

6528207c6828faf4e8825ad3a2c5ae11_JaffaCakes118
Size

77KB
Sample

240722-22dkkatgmj
MD5

6528207c6828faf4e8825ad3a2c5ae11
SHA1

44b93eba570c0e465a554791bf0c9bbd2023e743
SHA256

82e1f0ecb3067c541e093db87ccb6593eef9c87602ea0c34202c6c77f2efb124
SHA512

7df92bc021d0a606613a566ed8ab335f5fcc9ad1688fa2a02a2c33c80f2cd6fa69d1f13ee2b03b5ae7c45d1cb449de594ceb4d118c8505d9698da5c1ee9aa33b
SSDEEP

1536:0LZvewESXBW5IIe58DeDBb7mxkEJ0cOAwL0QIpk5v:0Rewvo5IIe5geNixkDveQIpM

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  6528207c6828faf4e8825ad3a2c5ae11_JaffaCakes118
- Size
  
  77KB
- MD5
  
  6528207c6828faf4e8825ad3a2c5ae11
- SHA1
  
  44b93eba570c0e465a554791bf0c9bbd2023e743
- SHA256
  
  82e1f0ecb3067c541e093db87ccb6593eef9c87602ea0c34202c6c77f2efb124
- SHA512
  
  7df92bc021d0a606613a566ed8ab335f5fcc9ad1688fa2a02a2c33c80f2cd6fa69d1f13ee2b03b5ae7c45d1cb449de594ceb4d118c8505d9698da5c1ee9aa33b
- SSDEEP
  
  1536:0LZvewESXBW5IIe58DeDBb7mxkEJ0cOAwL0QIpk5v:0Rewvo5IIe5geNixkDveQIpM
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2