5d5aa1ca0baf66d76e1a866229d55db1347ffc5d41b2483327cfd4e301bccd29 | Triage

Sharing

General

Target

674262e3546f1d34dcbe05b6b961cc0f_JaffaCakes118
Size

168KB
Sample

240723-mszdcasejm
MD5

674262e3546f1d34dcbe05b6b961cc0f
SHA1

86eba312cd8d66e37ff4534be2a7dd8555e45704
SHA256

5d5aa1ca0baf66d76e1a866229d55db1347ffc5d41b2483327cfd4e301bccd29
SHA512

b54c6f510c12098bfeb7b0343416eda3128a734c0e8fa81016245b8c0ec1aaa57aa901ee5379b8f076a5fe0ef3354cdef69234b1f546d9997c4f10aaee82c831
SSDEEP

3072:x+jRXcvsLlp1zGkwdMY0uSdj73zNewj3H0x3TM4h:Gk0lp53ySdjzn3H0x3rh

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  674262e3546f1d34dcbe05b6b961cc0f_JaffaCakes118
- Size
  
  168KB
- MD5
  
  674262e3546f1d34dcbe05b6b961cc0f
- SHA1
  
  86eba312cd8d66e37ff4534be2a7dd8555e45704
- SHA256
  
  5d5aa1ca0baf66d76e1a866229d55db1347ffc5d41b2483327cfd4e301bccd29
- SHA512
  
  b54c6f510c12098bfeb7b0343416eda3128a734c0e8fa81016245b8c0ec1aaa57aa901ee5379b8f076a5fe0ef3354cdef69234b1f546d9997c4f10aaee82c831
- SSDEEP
  
  3072:x+jRXcvsLlp1zGkwdMY0uSdj73zNewj3H0x3TM4h:Gk0lp53ySdjzn3H0x3rh
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2