54de2d3ab0e88f6e6840426b9bb0a3792014369709b3c8bfd873c0d326330bec | Triage

Sharing

General

Target

d5f079639870855cbc8f1aa9a9fd7e25_JaffaCakes118
Size

1.8MB
Sample

240909-j7gv3a1fna
MD5

d5f079639870855cbc8f1aa9a9fd7e25
SHA1

92145c05a0aba08477ace7b5c3651e75d414e075
SHA256

54de2d3ab0e88f6e6840426b9bb0a3792014369709b3c8bfd873c0d326330bec
SHA512

d985011c5aa68bd6eea5f6b1fdd96d2d4383d73e4491513e571025799170d89e52a5748b7e28073924bc7b3cf0f1ef44ce4b7a3c9ad3f4755a820fefa068481f
SSDEEP

49152:CN8bqC1ySwvn69w15l8v1VPv1jg6v/2og9SjjZA69C5nRIe:CN81oEwfoJvCc/2ogIjjq69anRp

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  d5f079639870855cbc8f1aa9a9fd7e25_JaffaCakes118
- Size
  
  1.8MB
- MD5
  
  d5f079639870855cbc8f1aa9a9fd7e25
- SHA1
  
  92145c05a0aba08477ace7b5c3651e75d414e075
- SHA256
  
  54de2d3ab0e88f6e6840426b9bb0a3792014369709b3c8bfd873c0d326330bec
- SHA512
  
  d985011c5aa68bd6eea5f6b1fdd96d2d4383d73e4491513e571025799170d89e52a5748b7e28073924bc7b3cf0f1ef44ce4b7a3c9ad3f4755a820fefa068481f
- SSDEEP
  
  49152:CN8bqC1ySwvn69w15l8v1VPv1jg6v/2og9SjjZA69C5nRIe:CN81oEwfoJvCc/2ogIjjq69anRp
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2