eeac8af00299e8d1b3d4d50f9ca5c3d6c140f7bf498308ffab291a72c29c2b02 | Triage

Sharing

General

Target

ce4a6fbfe23921da7e20d5dfc3375cea_JaffaCakes118
Size

24KB
Sample

240906-bcz46axhpa
MD5

ce4a6fbfe23921da7e20d5dfc3375cea
SHA1

6935f290b6efde10ca59b74d9170717b1660d4de
SHA256

eeac8af00299e8d1b3d4d50f9ca5c3d6c140f7bf498308ffab291a72c29c2b02
SHA512

8b41441fe48018bca348444c186eae9e80dce0069d719fd42f247148a6b121f1aff52a023ae99efbf5a9e57488e5f64d9b2e192eaa57342b50783a4a410e60e8
SSDEEP

384:x1uM7gRGSihcLNCT8wIX8w6iL9BC+/NNKEtbjAf:x8O4Gph6wnwNBb/j1fA

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  ce4a6fbfe23921da7e20d5dfc3375cea_JaffaCakes118
- Size
  
  24KB
- MD5
  
  ce4a6fbfe23921da7e20d5dfc3375cea
- SHA1
  
  6935f290b6efde10ca59b74d9170717b1660d4de
- SHA256
  
  eeac8af00299e8d1b3d4d50f9ca5c3d6c140f7bf498308ffab291a72c29c2b02
- SHA512
  
  8b41441fe48018bca348444c186eae9e80dce0069d719fd42f247148a6b121f1aff52a023ae99efbf5a9e57488e5f64d9b2e192eaa57342b50783a4a410e60e8
- SSDEEP
  
  384:x1uM7gRGSihcLNCT8wIX8w6iL9BC+/NNKEtbjAf:x8O4Gph6wnwNBb/j1fA
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence