e51e9567dbe5889d27f41204180e590357fc183f61bea4ff45d259304c972114 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

87f8ccc9a3e44341470eff738ad91e17_JaffaCakes118
Size

321KB
Sample

240810-2nssbssaqr
MD5

87f8ccc9a3e44341470eff738ad91e17
SHA1

c1a26745777b2fbf7613ec04114a9c27ed230004
SHA256

e51e9567dbe5889d27f41204180e590357fc183f61bea4ff45d259304c972114
SHA512

d9ef053e77c64df0fe34c58fe1344a7a827915c390ab794297480c50d8d52311c1db5a1a0aa01786d547e3abae4991ebead2f9d90acf3869cb8e3fa1ca76935f
SSDEEP

6144:/sqbftx4ylkRO7NGQk9u1LvVhyHkOi9SUAgyuFd:cykROhGQk9uhv6HkOi9ZAgyur

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  87f8ccc9a3e44341470eff738ad91e17_JaffaCakes118
- Size
  
  321KB
- MD5
  
  87f8ccc9a3e44341470eff738ad91e17
- SHA1
  
  c1a26745777b2fbf7613ec04114a9c27ed230004
- SHA256
  
  e51e9567dbe5889d27f41204180e590357fc183f61bea4ff45d259304c972114
- SHA512
  
  d9ef053e77c64df0fe34c58fe1344a7a827915c390ab794297480c50d8d52311c1db5a1a0aa01786d547e3abae4991ebead2f9d90acf3869cb8e3fa1ca76935f
- SSDEEP
  
  6144:/sqbftx4ylkRO7NGQk9u1LvVhyHkOi9SUAgyuFd:cykROhGQk9uhv6HkOi9ZAgyur
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2