3a2713022ec30c7dfbd3a633930a48b5fa92067f130cba940f02296c1fae84df | Triage

Sharing

General

Target

8ea01ebba618cbbd47e07e03a3cd549f_JaffaCakes118
Size

110KB
Sample

240812-ny5yrazcnm
MD5

8ea01ebba618cbbd47e07e03a3cd549f
SHA1

12267830f39fa016c1d362ce03ca055c5a6d9548
SHA256

3a2713022ec30c7dfbd3a633930a48b5fa92067f130cba940f02296c1fae84df
SHA512

45b69625910d2f8ad6aba3b5e7e42680570b871ff515f3da4e81b305f5b500a2fcf02ed56523dea0f03106267c3071483be79ae7470ac415652784608a88617f
SSDEEP

3072:sd5D61VH7jIoRMOvTyHEis4QMlrZco2K:CQ5LcUtMPnv

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  8ea01ebba618cbbd47e07e03a3cd549f_JaffaCakes118
- Size
  
  110KB
- MD5
  
  8ea01ebba618cbbd47e07e03a3cd549f
- SHA1
  
  12267830f39fa016c1d362ce03ca055c5a6d9548
- SHA256
  
  3a2713022ec30c7dfbd3a633930a48b5fa92067f130cba940f02296c1fae84df
- SHA512
  
  45b69625910d2f8ad6aba3b5e7e42680570b871ff515f3da4e81b305f5b500a2fcf02ed56523dea0f03106267c3071483be79ae7470ac415652784608a88617f
- SSDEEP
  
  3072:sd5D61VH7jIoRMOvTyHEis4QMlrZco2K:CQ5LcUtMPnv
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Program crash
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence