af4a4be7c76f8e598985b02d7687089f70578fe5ad75e64a00ee6d0fbeabd432 | Triage

Sharing

General

Target

8ce943010fef1665bb60f41525bf029d_JaffaCakes118
Size

83KB
Sample

240812-cndwqsvdqf
MD5

8ce943010fef1665bb60f41525bf029d
SHA1

3f4a8c94b2e083ab4089a299d288f92f00d2d70b
SHA256

af4a4be7c76f8e598985b02d7687089f70578fe5ad75e64a00ee6d0fbeabd432
SHA512

2cc0b17ba0a1c3042631899e0457c812468af1bfead3392841579fb1523fcb604b2f06b69c8cbc2b3c8e626ae7ea6a3aba12597dcc84a886d4f039cd78b9900f
SSDEEP

1536:nQ3pU9zYIg2e2pAnAZDFr+9EFRnj32wLMQIdEBA27hX/F:nGn1JAZJr+C8Q7A27hX/F

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  8ce943010fef1665bb60f41525bf029d_JaffaCakes118
- Size
  
  83KB
- MD5
  
  8ce943010fef1665bb60f41525bf029d
- SHA1
  
  3f4a8c94b2e083ab4089a299d288f92f00d2d70b
- SHA256
  
  af4a4be7c76f8e598985b02d7687089f70578fe5ad75e64a00ee6d0fbeabd432
- SHA512
  
  2cc0b17ba0a1c3042631899e0457c812468af1bfead3392841579fb1523fcb604b2f06b69c8cbc2b3c8e626ae7ea6a3aba12597dcc84a886d4f039cd78b9900f
- SSDEEP
  
  1536:nQ3pU9zYIg2e2pAnAZDFr+9EFRnj32wLMQIdEBA27hX/F:nGn1JAZJr+C8Q7A27hX/F
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence