d5e14a4b44f3f598fc7e56ad413aeace05b5b8c69dbc89d88427e3c43497d59e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b326efdf014670c2b64f52fc908d8ea7_JaffaCakes118
Size

12KB
Sample

240821-msapzsxfrl
MD5

b326efdf014670c2b64f52fc908d8ea7
SHA1

15f417866f42dd86f6af4165d594e099f64704c4
SHA256

d5e14a4b44f3f598fc7e56ad413aeace05b5b8c69dbc89d88427e3c43497d59e
SHA512

d8b2e9e5a4ff8876907684e2797d7f096e2554f82fe76e5bb0561767505e15b95c6e0565a557f2348693b68ca59611b9b19b777f1213a8a26ff6ff6e33875d23
SSDEEP

192:WFSXh4t6Y8c5D+mPtBb5e1DpK0OQRPWX+Z8n7W2Er013iAog91WUvSxkgfM+lg:hgjPtl5e5W+YWkhp1WUa

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  b326efdf014670c2b64f52fc908d8ea7_JaffaCakes118
- Size
  
  12KB
- MD5
  
  b326efdf014670c2b64f52fc908d8ea7
- SHA1
  
  15f417866f42dd86f6af4165d594e099f64704c4
- SHA256
  
  d5e14a4b44f3f598fc7e56ad413aeace05b5b8c69dbc89d88427e3c43497d59e
- SHA512
  
  d8b2e9e5a4ff8876907684e2797d7f096e2554f82fe76e5bb0561767505e15b95c6e0565a557f2348693b68ca59611b9b19b777f1213a8a26ff6ff6e33875d23
- SSDEEP
  
  192:WFSXh4t6Y8c5D+mPtBb5e1DpK0OQRPWX+Z8n7W2Er013iAog91WUvSxkgfM+lg:hgjPtl5e5W+YWkhp1WUa
Score

8^/10

discovery
- Manipulates Digital Signatures
  Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

SIP and Trust Provider Hijacking

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2