43ae4936dd7f0e4408a759c9880250f94b048851c70a45bd88c478183e2e0728 | Triage

Sharing

General

Target

a066e357131731dd27e06a23667d527f_JaffaCakes118
Size

333KB
Sample

240816-3ng69svbjf
MD5

a066e357131731dd27e06a23667d527f
SHA1

53238f05e48c848103b021138799b2d474fc50dd
SHA256

43ae4936dd7f0e4408a759c9880250f94b048851c70a45bd88c478183e2e0728
SHA512

657273d4d3e8209f14daeca9c6baf0d781e0e0eea26e37e1064282c8f847640e2a3b4b910aabdca0a70aceab0f493438b8d853308e055f1bd2fea08f9bd06801
SSDEEP

6144:i80UKaRzEfCGF16F1xx+rHMYbvcOdNS0KCGOgmLArll67y0vAbGRB1zeV:i80UKaRI316Dxxsxvck6Ogm6ll62oRj2

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  a066e357131731dd27e06a23667d527f_JaffaCakes118
- Size
  
  333KB
- MD5
  
  a066e357131731dd27e06a23667d527f
- SHA1
  
  53238f05e48c848103b021138799b2d474fc50dd
- SHA256
  
  43ae4936dd7f0e4408a759c9880250f94b048851c70a45bd88c478183e2e0728
- SHA512
  
  657273d4d3e8209f14daeca9c6baf0d781e0e0eea26e37e1064282c8f847640e2a3b4b910aabdca0a70aceab0f493438b8d853308e055f1bd2fea08f9bd06801
- SSDEEP
  
  6144:i80UKaRzEfCGF16F1xx+rHMYbvcOdNS0KCGOgmLArll67y0vAbGRB1zeV:i80UKaRI316Dxxsxvck6Ogm6ll62oRj2
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2