a52c1e62a03f1904cbc724721fd07fafff37c284ed608df236edd4273290192a | Triage

Sharing

General

Target

b38d3c140612e43bc8ba91a1c351b702_JaffaCakes118
Size

278KB
Sample

240821-p89v5azckb
MD5

b38d3c140612e43bc8ba91a1c351b702
SHA1

c79aebd38bdbb49c850a20850efec58d6f9749de
SHA256

a52c1e62a03f1904cbc724721fd07fafff37c284ed608df236edd4273290192a
SHA512

6a2ea02771e848c54ea27c6395ea422054010849f3df3223aeec1b88df437fa9e836ed295cd8326daba10739e88055071127ee2f6ad7194eecab6601a2a27424
SSDEEP

6144:9p4bOG6rzysDrwsSSY5krD77q3UwQi7CQCAEzoPS:9poZTkrwsSSYWn77OUZi73CToP

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  b38d3c140612e43bc8ba91a1c351b702_JaffaCakes118
- Size
  
  278KB
- MD5
  
  b38d3c140612e43bc8ba91a1c351b702
- SHA1
  
  c79aebd38bdbb49c850a20850efec58d6f9749de
- SHA256
  
  a52c1e62a03f1904cbc724721fd07fafff37c284ed608df236edd4273290192a
- SHA512
  
  6a2ea02771e848c54ea27c6395ea422054010849f3df3223aeec1b88df437fa9e836ed295cd8326daba10739e88055071127ee2f6ad7194eecab6601a2a27424
- SSDEEP
  
  6144:9p4bOG6rzysDrwsSSY5krD77q3UwQi7CQCAEzoPS:9poZTkrwsSSYWn77OUZi73CToP
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2