a85391fa25854b0ffed98f30a91715cab3bcd83b78f23db677c354731f0f35da | Triage

Sharing

General

Target

7529fb772c0f2e35f2b3c5122c244008_JaffaCakes118
Size

661KB
Sample

240726-wt6y9ayhlg
MD5

7529fb772c0f2e35f2b3c5122c244008
SHA1

c2e4244d7bb6e229a69abfaead1f6576a1b40192
SHA256

a85391fa25854b0ffed98f30a91715cab3bcd83b78f23db677c354731f0f35da
SHA512

2999bfd1467cddd8f17107bc6c68b42651a0564b57dae5c62544902b7fd8ba9b3414b03cec454204cad42526879b07366274f5b2f3a37ef5831fe1a03b4475b3
SSDEEP

12288:Si2XBya63I5aRghWsx8N7H8GEDSgRYBF3Z4mxxF7z1aAs7wP0hHZ:SivB47jxouSg2BQmXFVk7wch

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  7529fb772c0f2e35f2b3c5122c244008_JaffaCakes118
- Size
  
  661KB
- MD5
  
  7529fb772c0f2e35f2b3c5122c244008
- SHA1
  
  c2e4244d7bb6e229a69abfaead1f6576a1b40192
- SHA256
  
  a85391fa25854b0ffed98f30a91715cab3bcd83b78f23db677c354731f0f35da
- SHA512
  
  2999bfd1467cddd8f17107bc6c68b42651a0564b57dae5c62544902b7fd8ba9b3414b03cec454204cad42526879b07366274f5b2f3a37ef5831fe1a03b4475b3
- SSDEEP
  
  12288:Si2XBya63I5aRghWsx8N7H8GEDSgRYBF3Z4mxxF7z1aAs7wP0hHZ:SivB47jxouSg2BQmXFVk7wch
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence