e548a285d33bab702fd081dc1e97c88c973b9c564d9ac23aa2561c890723b18b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

66c05e4f2757122015a12afa6d860427_JaffaCakes118
Size

84KB
Sample

240723-jv6zesvhre
MD5

66c05e4f2757122015a12afa6d860427
SHA1

16f323aadf986f4bada1a09f04d50d256e75ed26
SHA256

e548a285d33bab702fd081dc1e97c88c973b9c564d9ac23aa2561c890723b18b
SHA512

00ba583070ce5da315eb5408d0b23383e534fb79ce9edd7f8bfe2b72a50461e045720f4d1b257a85bde2efe069a88a4e1364527657d4766ae14e221f43a2f1d9
SSDEEP

1536:J4cl1pNGsHF9IHYN18+8/jcCusotZ4Vt4yxjAixsQfeO/K:+i3pl9IYN18povzkt4jazdK

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  66c05e4f2757122015a12afa6d860427_JaffaCakes118
- Size
  
  84KB
- MD5
  
  66c05e4f2757122015a12afa6d860427
- SHA1
  
  16f323aadf986f4bada1a09f04d50d256e75ed26
- SHA256
  
  e548a285d33bab702fd081dc1e97c88c973b9c564d9ac23aa2561c890723b18b
- SHA512
  
  00ba583070ce5da315eb5408d0b23383e534fb79ce9edd7f8bfe2b72a50461e045720f4d1b257a85bde2efe069a88a4e1364527657d4766ae14e221f43a2f1d9
- SSDEEP
  
  1536:J4cl1pNGsHF9IHYN18+8/jcCusotZ4Vt4yxjAixsQfeO/K:+i3pl9IYN18povzkt4jazdK
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2