5f3c47f1baa95980e6e30bdd98a55c05b53d3cffa055320ccc8683b95b276bf3 | Triage

Sharing

General

Target

82245542bb175ce1a563edcd990825df_JaffaCakes118
Size

333KB
Sample

240801-3dxtzascjk
MD5

82245542bb175ce1a563edcd990825df
SHA1

ebc0edbc42cea698a7ef1a962bae234b03262059
SHA256

5f3c47f1baa95980e6e30bdd98a55c05b53d3cffa055320ccc8683b95b276bf3
SHA512

8014519d7d14739988417ce9e9d02bed5c4c63e21898919c89f49582e111e02be7debc48c7f7e2dfd8fd2b39c664423201f2ce5694e06be9f780947ed95b888c
SSDEEP

6144:fdddQZbZKxgka/p65VIkgnjBj6aurMeXeUd7uloiIv0B:fnaZKxIw3063MWeUFuG/k

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  82245542bb175ce1a563edcd990825df_JaffaCakes118
- Size
  
  333KB
- MD5
  
  82245542bb175ce1a563edcd990825df
- SHA1
  
  ebc0edbc42cea698a7ef1a962bae234b03262059
- SHA256
  
  5f3c47f1baa95980e6e30bdd98a55c05b53d3cffa055320ccc8683b95b276bf3
- SHA512
  
  8014519d7d14739988417ce9e9d02bed5c4c63e21898919c89f49582e111e02be7debc48c7f7e2dfd8fd2b39c664423201f2ce5694e06be9f780947ed95b888c
- SSDEEP
  
  6144:fdddQZbZKxgka/p65VIkgnjBj6aurMeXeUd7uloiIv0B:fnaZKxIw3063MWeUFuG/k
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2