24e4262ee15b64e71fcb03eb41685b35b60fdf61d434e9b4afd22a21f1247785 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aad784ad5e00afa60b03129227aca4a7_JaffaCakes118
Size

210KB
Sample

240819-nngs6s1gng
MD5

aad784ad5e00afa60b03129227aca4a7
SHA1

8cce82b399405e7a11bc75da37c4c55a65980ca3
SHA256

24e4262ee15b64e71fcb03eb41685b35b60fdf61d434e9b4afd22a21f1247785
SHA512

eb034b276bde2f0e48eeee50c877cbb67c8697bc2e27a8be9bf1b282dcb613020a2d854a3eebd7c847cf1bc4edd7435f9e8fc7888f89fa704ba6bdb1464bcc59
SSDEEP

1536:IHxzvod1oOBIAXKPLU6NN6XzXJqvFN87WisOhtCMe3TmV1WXEseDWwZ:c0IXAXKPLbYqv3NODfe3O1wEsHY

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  aad784ad5e00afa60b03129227aca4a7_JaffaCakes118
- Size
  
  210KB
- MD5
  
  aad784ad5e00afa60b03129227aca4a7
- SHA1
  
  8cce82b399405e7a11bc75da37c4c55a65980ca3
- SHA256
  
  24e4262ee15b64e71fcb03eb41685b35b60fdf61d434e9b4afd22a21f1247785
- SHA512
  
  eb034b276bde2f0e48eeee50c877cbb67c8697bc2e27a8be9bf1b282dcb613020a2d854a3eebd7c847cf1bc4edd7435f9e8fc7888f89fa704ba6bdb1464bcc59
- SSDEEP
  
  1536:IHxzvod1oOBIAXKPLU6NN6XzXJqvFN87WisOhtCMe3TmV1WXEseDWwZ:c0IXAXKPLbYqv3NODfe3O1wEsHY
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence