a62d6069b01538b7541dbf3ec7d5e18efb8b3d3ac1d978f52790a63a1b885915 | Triage

Sharing

General

Target

b0e445c4bdfbe3db7d394e071404cecb_JaffaCakes118
Size

288KB
Sample

240820-z88ceatfpf
MD5

b0e445c4bdfbe3db7d394e071404cecb
SHA1

1797e46957c80e13f52e826ad878007488bade44
SHA256

a62d6069b01538b7541dbf3ec7d5e18efb8b3d3ac1d978f52790a63a1b885915
SHA512

02ff58b7818d093fe6ae65dfe204e64caa4900ac7da0d1d2f43623084695f9cfa2d09312511fd53fd89bad41107b45111534a45de096523728789a14994b7e68
SSDEEP

6144:/+L47rMVLhE75fT9ZdLC6a7Bi9RX3ZsgGGZ0sdMhhAgTDk:2L4/MV9E9fTXtzati9J7PZ0sWrAgXk

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  b0e445c4bdfbe3db7d394e071404cecb_JaffaCakes118
- Size
  
  288KB
- MD5
  
  b0e445c4bdfbe3db7d394e071404cecb
- SHA1
  
  1797e46957c80e13f52e826ad878007488bade44
- SHA256
  
  a62d6069b01538b7541dbf3ec7d5e18efb8b3d3ac1d978f52790a63a1b885915
- SHA512
  
  02ff58b7818d093fe6ae65dfe204e64caa4900ac7da0d1d2f43623084695f9cfa2d09312511fd53fd89bad41107b45111534a45de096523728789a14994b7e68
- SSDEEP
  
  6144:/+L47rMVLhE75fT9ZdLC6a7Bi9RX3ZsgGGZ0sdMhhAgTDk:2L4/MV9E9fTXtzati9J7PZ0sWrAgXk
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence