d6cded65eb7a451c6431e37f84dd154b22e22c51cbb2961680536b8e50f2d1af | Triage

Sharing

General

Target

bc889dcdb34831817a9c3a6a23953da6_JaffaCakes118
Size

86KB
Sample

240823-t9z5jaybmk
MD5

bc889dcdb34831817a9c3a6a23953da6
SHA1

2c2fe6ef9440698d4172078a63514a2fcef01f99
SHA256

d6cded65eb7a451c6431e37f84dd154b22e22c51cbb2961680536b8e50f2d1af
SHA512

2d410c31210d53a736295cf836aee4b9caa133ad55e03fc144c4b75894c8e1ec89943cdc3d50e7fc10618f98811491154766099e87eb4ffa0bb8daa6234f4f00
SSDEEP

1536:j5GJEhlcbW5sk19lfLvbeIbXWm+nwN6JOs5ga3R6mQD0tbS7rsgAQG917oOthTdA:tGu99lfzqIbXWm+w0Jn5J3RSwgkP7w

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  bc889dcdb34831817a9c3a6a23953da6_JaffaCakes118
- Size
  
  86KB
- MD5
  
  bc889dcdb34831817a9c3a6a23953da6
- SHA1
  
  2c2fe6ef9440698d4172078a63514a2fcef01f99
- SHA256
  
  d6cded65eb7a451c6431e37f84dd154b22e22c51cbb2961680536b8e50f2d1af
- SHA512
  
  2d410c31210d53a736295cf836aee4b9caa133ad55e03fc144c4b75894c8e1ec89943cdc3d50e7fc10618f98811491154766099e87eb4ffa0bb8daa6234f4f00
- SSDEEP
  
  1536:j5GJEhlcbW5sk19lfLvbeIbXWm+nwN6JOs5ga3R6mQD0tbS7rsgAQG917oOthTdA:tGu99lfzqIbXWm+w0Jn5J3RSwgkP7w
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence