f574ece3595fb93ca69aced3e3f113ed3e1d246633d9ee29fc7410d80caf724f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce4438842c5efd9fba2ed4de84ac17cf_JaffaCakes118
Size

12KB
Sample

240906-a2hqqswhkp
MD5

ce4438842c5efd9fba2ed4de84ac17cf
SHA1

16c851f4c6b8cda6c4be8c8fb60ba8fe666ff11e
SHA256

f574ece3595fb93ca69aced3e3f113ed3e1d246633d9ee29fc7410d80caf724f
SHA512

9398dc78aac749e05589d23086ce70880feef07450838e89942593fe9c220847e1a2426843fdf83fc837475a8f009efd40edd623c533dbbbbbeb3a227e86c208
SSDEEP

192:kzMiF1aD9n+ilCbvf7zltw23HiZNW/3RgzO/YdGr58cAT/8U4+0Q3QjISy/Qa9VZ:kty1lCbXXHfXiZqeO/P8j8XrJWzj

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  ce4438842c5efd9fba2ed4de84ac17cf_JaffaCakes118
- Size
  
  12KB
- MD5
  
  ce4438842c5efd9fba2ed4de84ac17cf
- SHA1
  
  16c851f4c6b8cda6c4be8c8fb60ba8fe666ff11e
- SHA256
  
  f574ece3595fb93ca69aced3e3f113ed3e1d246633d9ee29fc7410d80caf724f
- SHA512
  
  9398dc78aac749e05589d23086ce70880feef07450838e89942593fe9c220847e1a2426843fdf83fc837475a8f009efd40edd623c533dbbbbbeb3a227e86c208
- SSDEEP
  
  192:kzMiF1aD9n+ilCbvf7zltw23HiZNW/3RgzO/YdGr58cAT/8U4+0Q3QjISy/Qa9VZ:kty1lCbXXHfXiZqeO/P8j8XrJWzj
Score

8^/10

discovery persistence
- Sets service image path in registry
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence