0854f2cadc64b25865d77b70e30d6f160fb471a77985593ffb29cfe1b4211d2a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

639e7a681a5858dded13f742a92b739e_JaffaCakes118
Size

356KB
Sample

240722-r9vhyatbjd
MD5

639e7a681a5858dded13f742a92b739e
SHA1

6351aa5bb9d4a8c291aa8a1dc438612afd34b829
SHA256

0854f2cadc64b25865d77b70e30d6f160fb471a77985593ffb29cfe1b4211d2a
SHA512

afd264b6e0db486bc0dbfa75dfe965bfaa2f61b3d18173a829730fbd5d1aa6e825038c40d17dd7259c2411c311231ede2093e2584dd0047b795bbca57e2788ca
SSDEEP

6144:7vbx88+g1wBFyN3KGMm7CLkAMJsdrGmk66wHmCUhQPNG5:7B+N7yN377CLjDrpkzRX46

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  639e7a681a5858dded13f742a92b739e_JaffaCakes118
- Size
  
  356KB
- MD5
  
  639e7a681a5858dded13f742a92b739e
- SHA1
  
  6351aa5bb9d4a8c291aa8a1dc438612afd34b829
- SHA256
  
  0854f2cadc64b25865d77b70e30d6f160fb471a77985593ffb29cfe1b4211d2a
- SHA512
  
  afd264b6e0db486bc0dbfa75dfe965bfaa2f61b3d18173a829730fbd5d1aa6e825038c40d17dd7259c2411c311231ede2093e2584dd0047b795bbca57e2788ca
- SSDEEP
  
  6144:7vbx88+g1wBFyN3KGMm7CLkAMJsdrGmk66wHmCUhQPNG5:7B+N7yN377CLjDrpkzRX46
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2