c710b6ed6ef05a6dd3008f521153eded98510c59949e3305e0f96a7e3712fd99 | Triage

Sharing

General

Target

a5b2affa3b7593a89e59fb28efaad330_JaffaCakes118
Size

89KB
Sample

240818-g1lvbszejb
MD5

a5b2affa3b7593a89e59fb28efaad330
SHA1

00b6448f680e3422bf5061992137f0d138427faf
SHA256

c710b6ed6ef05a6dd3008f521153eded98510c59949e3305e0f96a7e3712fd99
SHA512

c5c131f1d0b3e61faebdba8c0006c281a29a367ce814bee31d397fbd6f99a95aa3608b93287f6c14e545015f106878e5482272d269c923fb82b74bd5b57c353c
SSDEEP

768:sWs2lukSlng9TV3orQgw2qP+W0+Nj/r+TbVgtaA9oMNr4fhRACymMGUFuiEZuKUR:flmC2rcPAS9Nr4fhRwF50uKUMXRSz5

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  a5b2affa3b7593a89e59fb28efaad330_JaffaCakes118
- Size
  
  89KB
- MD5
  
  a5b2affa3b7593a89e59fb28efaad330
- SHA1
  
  00b6448f680e3422bf5061992137f0d138427faf
- SHA256
  
  c710b6ed6ef05a6dd3008f521153eded98510c59949e3305e0f96a7e3712fd99
- SHA512
  
  c5c131f1d0b3e61faebdba8c0006c281a29a367ce814bee31d397fbd6f99a95aa3608b93287f6c14e545015f106878e5482272d269c923fb82b74bd5b57c353c
- SSDEEP
  
  768:sWs2lukSlng9TV3orQgw2qP+W0+Nj/r+TbVgtaA9oMNr4fhRACymMGUFuiEZuKUR:flmC2rcPAS9Nr4fhRwF50uKUMXRSz5
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence